{"vuid":"VU#515283","idnumber":"515283","name":"Seagate BlackArmor device static administrator password reset vulnerability","keywords":["Seagate","BlackArmor","password","php","reset"],"overview":"The Seagate BlackArmor network attached storage device contains a static administrator password reset vulnerability.","clean_desc":"The Seagate BlackArmor network attached storage device contain a static php file used to reset the administrator password. A remote unauthenticated attacker with access to the device's management web server can directly access the webpage, http://DevicesIpAddress/d41d8cd98f00b204e9800998ecf8427e.php and reset the administrator password.","impact":"A remote unauthenticated attacker may be able to reset the administrator password of the device.","resolution":"Update The vendor has stated that updated firmware has been released that addresses this vulnerability. Updated firmware for 1, 2 and 4-bay Seagate BlackArmor devices can be found under the \"Downloads\" tab on vendor's support website. The firmware versions that are reported to address this vulnerability are: BlackArmorNAS 110: 1000.1301\nBlackArmorNAS 220: 2000.1311\nBlackArmorNAS 440: 4000.1391","workarounds":"Restrict network access Restrict network access to the Seagate BlackArmor network attached storage devices system web interface and other devices using open protocols like HTTP.","sysaffected":"","thanks":"Thanks to Jason Ellison for reporting this vulnerability.","author":"This document was written by Michael Orlando.","public":["http://www.seagate.com/www/en-us/products/network_storage/blackarmor/","http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-110/","http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-220/","http://www.seagate.com/support/external-hard-drives/network-storage/blackarmor-nas-440/","http://forums.seagate.com/t5/BlackArmor-NAS-Network-Storage/Announcement-New-limited-release-firmware-is-available-for-all/td-p/164862"],"cveids":["CVE-2012-2568"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2012-02-08T16:36:13Z","publicdate":"2012-05-23T00:00:00Z","datefirstpublished":"2012-05-23T18:30:02Z","dateupdated":"2012-07-18T20:11:42Z","revision":29,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"P","cvss_integrityimpact":"P","cvss_availabilityimpact":"P","cvss_exploitablity":null,"cvss_remediationlevel":"W","cvss_reportconfidence":"UC","cvss_collateraldamagepotential":"L","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"7.5","cvss_basevector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss_temporalscore":"5.8","cvss_environmentalscore":"1.6","cvss_environmentalvector":"CDP:L/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}