Vulmon
Verax NMS Hardcoded Private Key (CVE-2013-1352)
I. BACKGROUND
----------------------
Verax NMS provides a service-oriented, unified
management & monitoring of networks, applications
and infrastructure enabling quick problem detection,
root-cause analysis, reporting and automating recovery,
reducing costs and shortening downtimes of IT service delivery.
Source: http://www.veraxsystems.com/en/products/nms
II. DESCRIPTION
----------------------
In versions prior to 2.1.0 of VeraxNMS, the server-side component
eadministratorconsole-core-1.5.2.jar, contains a method named
decryptPassword(). This method provides the functionality
to decrypt a user's password using an implementation of RSA.
Within com.veraxsystems.eadministratorconsole.remote.service.impl,
it has been discovered that decryptPassword() uses a static,
hardcoded private key to facilitate this process. As a result,
these passwords should be considered insecure due to the fact
that recovering the private key is decidedly trivial.
III. AFFECTED PRODUCTS
----------------------
All versions of Verax NMS prior to 2.1.0 are vulnerable.
IV. RECOMMENDATION
----------------------
Users should upgrade to version 2.1.0 of Verax NMS.
V. CREDIT
----------------------
This vulnerability was discovered by Andrew Brooks.
VI. REFERENCES
----------------------
CVE-2013-1352
CVE-2013-1351 (Related)
http://download.veraxsystems.com/download/nms-2.1.0-release-notes.txt
VII. TIMELINE
----------------------
1/10/2013 - Vendor notified
1/11/2013 - Vendor acknowledges bug report
2/20/2013 - Vulnerability remediated and pushed to mainline
<p>