CVE-2023-1778 - OpenCVE

This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems. The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gajshield	Data Security Firewall Data Security Firewall Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:gajshield:data_security_firewall_firmware::::::::
	cpe:2.3:o:gajshield:data_security_firewall_firmware::::::::

cpe:2.3:h:gajshield:data_security_firewall:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119

History

No history.

MITRE

Status: PUBLISHED

Assigner: CERT-In

Published: 2023-04-27T09:33:19.070Z

Updated: 2024-08-02T05:57:25.233Z

Reserved: 2023-03-31T11:56:48.453Z

Link: CVE-2023-1778

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-04-27T10:15:09.160

Modified: 2023-05-08T18:34:04.320

Link: CVE-2023-1778

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1778", "assignerOrgId": "66834db9-ab24-42b4-be80-296b2e40335c", "state": "PUBLISHED", "assignerShortName": "CERT-In", "dateReserved": "2023-03-31T11:56:48.453Z", "datePublished": "2023-04-27T09:33:19.070Z", "dateUpdated": "2024-08-02T05:57:25.233Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Data Security Firewall", "vendor": "GajShield", "versions": [{"lessThan": "4.28", "status": "affected", "version": "4.5", "versionType": "custom"}, {"status": "unaffected", "version": "4.21"}]}], "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability is identified by Prashant Pandey from Indian Computer Emergency Response Team (CERT-In)."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.</p><br><br><p>The vulnerability has been addressed by forcing the user to change their default password to a new non-default password.</p><br>"}], "value": "This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\n\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\n"}], "impacts": [{"capecId": "CAPEC-114", "descriptions": [{"lang": "en", "value": "CAPEC-114 Authentication Abuse"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update GajShield Data Security Firewall firmware to latest version <br><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=299&parentid=35\">https://kb.gajshield.com/kbarticle?entryid=299&parentid=35</a><br><a target=\"_blank\" rel=\"nofollow\" href=\"https://kb.gajshield.com/kbarticle?entryid=318&parentid=35\">https://kb.gajshield.com/kbarticle?entryid=318&parentid=35</a><br>"}], "value": "Update GajShield Data Security Firewall firmware to latest version \n\n https://kb.gajshield.com/kbarticle?entryid=299&parentid=35 https://kb.gajshield.com/kbarticle \n https://kb.gajshield.com/kbarticle?entryid=318&parentid=35 https://kb.gajshield.com/kbarticle \n"}], "source": {"discovery": "UNKNOWN"}, "title": "Default Credential Vulnerability in GajShield Data Security Firewall", "providerMetadata": {"orgId": "66834db9-ab24-42b4-be80-296b2e40335c", "shortName": "CERT-In", "dateUpdated": "2023-04-28T11:05:32.435Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.233Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC450B0E-9218-431E-AF1E-66DAE043583E", "versionEndExcluding": "4.21", "vulnerable": true}, {"criteria": "cpe:2.3:o:gajshield:data_security_firewall_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8D28542-6331-414D-8C95-40D84D624BF1", "versionEndExcluding": "4.28", "versionStartIncluding": "4.22", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gajshield:data_security_firewall:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DC0BE30-5990-4A63-A541-2455018D94EB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 (except v4.21) due to insecure default credentials which allows remote attacker to login as superuser by using default username/password via web-based management interface and/or exposed SSH port thereby enabling remote attackers to execute arbitrary commands with administrative/superuser privileges on the targeted systems.\n\nThe vulnerability has been addressed by forcing the user to change their default password to a new non-default password.\n"}], "id": "CVE-2023-1778", "lastModified": "2023-05-08T18:34:04.320", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "vdisclose@cert-in.org.in", "type": "Secondary"}]}, "published": "2023-04-27T10:15:09.160", "references": [{"source": "vdisclose@cert-in.org.in", "tags": ["Third Party Advisory"], "url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0119"}], "sourceIdentifier": "vdisclose@cert-in.org.in", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "vdisclose@cert-in.org.in", "type": "Secondary"}]}