Commvault warns of critical Command Center flaw

Commvault is a widely used data protection, backup, and recovery software platform, with customers including Amazon, Walmart, and Apple. If breached, it can allow disruption of an organization's backup operations, as well as unauthorized access, lateral movement, and deployment of malware and ransomware.

SSRF flaw escalated to code execution

The vulnerability was reported by watchTowr Labs researcher Sonny Macdonald as a server-side request forgery (SSRF) issue in a pre-authenticated endpoint called deployWebpackage.do. Macdonald called it a "very simple pre-auth SSRF vulnerability, as there is no filtering limiting the hosts that can be communicated with."

"SSRF vulnerabilities are relatively difficult to discover, but they can cause significant damage," said Thomas Richards, infrastructure security practice director at Black Duck. "Users of Commvault should patch their installation immediately and begin forensic examination to determine if their instance was exploited. If the instance was exposed to the internet at all, firewall restrictions should be put in place to control who can access it."

SSRF, a flaw that lets an attacker trick a server into making unauthorized requests to internal or external systems, cannot by itself enable code execution. In this particular case, however, Macdonald built a PoC exploit to show how this pre-authenticated SSRF could be escalated to allow RCE.
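The missing control Macdonald describes is a restriction on which hosts the server is allowed to contact. The following is an added example, not code from Commvault or watchTowr, of what such a destination check looks like for any service that fetches a URL supplied by a client: the scheme and hostname are matched against an allowlist, embedded credentials are rejected, and every address the name resolves to is checked against loopback, RFC 1918, link-local and similar ranges before the validated address is pinned for the connection. The hostnames, the allowlist and the DNS table are constructed so the example runs offline; a real deployment would load the allowlist from configuration and use the real resolver.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hostnames this service may fetch from (constructed for the example).
ALLOWED_HOSTS = {"updates.example.com", "mirror.example.com"}
ALLOWED_SCHEMES = {"https"}

# Ranges an outbound fetch must never reach, even when an allowlisted name
# resolves into them (covers DNS rebinding and a poisoned resolver).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10", "ff00::/8",
)]


def is_blocked_address(ip_text):
    """True if the address falls in a range outbound requests may not reach."""
    ip = ipaddress.ip_address(ip_text)
    # An IPv4-mapped IPv6 address (::ffff:10.0.0.5) is judged by its IPv4 form,
    # otherwise it would slip past the IPv4 ranges above.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in BLOCKED_NETWORKS)


def system_resolver(hostname):
    """Default resolver: every A/AAAA answer for the name."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def validate_outbound_url(url, resolver=system_resolver):
    """Return (ok, reason, pinned_ip) for a client-supplied fetch target.

    On success pinned_ip is the address the caller should connect to
    directly (sending the allowlisted name as Host/SNI) so a second DNS
    lookup cannot return a different answer.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", None
    # "https://allowed.example@10.0.0.5/" has hostname 10.0.0.5; reject userinfo outright.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL", None
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    if host not in ALLOWED_HOSTS:
        return False, "host not in allowlist", None
    try:
        addrs = resolver(host)
    except OSError:
        return False, "resolution failed", None
    if not addrs:
        return False, "no address", None
    if any(is_blocked_address(a) for a in addrs):
        return False, "resolves to blocked address", None
    return True, "ok", addrs[0]


# Constructed DNS table so the example runs without network access.
FAKE_DNS = {
    "updates.example.com": ["203.0.113.10"],
    "mirror.example.com": ["10.20.30.40"],   # allowlisted name pointing inside
    "intranet.example.com": ["10.0.0.5"],
}


def fake_resolver(hostname):
    if hostname not in FAKE_DNS:
        raise socket.gaierror(socket.EAI_NONAME, "constructed: no such name")
    return FAKE_DNS[hostname]


if __name__ == "__main__":
    for candidate in (
        "https://updates.example.com/pkg.zip",
        "http://updates.example.com/pkg.zip",
        "https://updates.example.com@127.0.0.1/",
        "https://10.0.0.5/",
        "https://mirror.example.com/",
        "https://UPDATES.EXAMPLE.COM./pkg.zip",
    ):
        print(candidate, "->", validate_outbound_url(candidate, fake_resolver))
```

The check returns the resolved address on purpose: a validator that only inspects the URL and then lets the HTTP client resolve the name again leaves a window in which the answer can change. Note also that `ipaddress.is_global` is deliberately not used, since it classifies the RFC 5737 documentation ranges used for the constructed hosts as non-global.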
