JVN#38784555
Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series
Overview
UNIVERGE SV9500/SV8500 series provided by NEC Platforms, Ltd. contain multiple vulnerabilities.
Products Affected
- UNIVERGE SV9500 series from V1 to V7
- UNIVERGE SV8500 series from S6 to S8
Description
Remote system maintenance feature of UNIVERGE SV9500/SV8500 series' Web based remote maintenance console contains multiple vulnerabilities listed below.
- OS Command Injection (CWE-78) - CVE-2020-5685
CVSS v3 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Base Score: 9.6 CVSS v2 AV:A/AC:L/Au:N/C:P/I:P/A:P Base Score: 5.8 - Incorrect Implementation of Authentication Algorithm (CWE-303) - CVE-2020-5686
CVSS v3 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L Base Score: 7.6 CVSS v2 AV:A/AC:L/Au:N/C:P/I:P/A:P Base Score: 5.8
Impact
- If an attacker who can access the device sends a specially crafted request to a specific URL, an arbitrary command may be executed or a denial-of-service (DoS) condition may be caused - CVE-2020-5685
- If an attacker who can access the device sends a specially crafted request to a specific URL, the remote system maintenance feature may be accessed illegally and information may be disclosed - CVE-2020-5686
Solution
Update the Software
Update to the software according to the information provided by the developer.
Contact your product dealer for details of the update.
Apply the workarounds
Applying the following workarounds may mitigate the impacts of these vulnerabilities.
- Do not directly connect the products to an external network such as the Internet.
- Explicitly create an access rule based on source IP addresses/destination IP addresses/port numbers for network connection to the products.
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Credit
NEC Platforms, Ltd. reported these vulnerabilities to IPA to notify users of its solution through JVN. JPCERT/CC and NEC Platforms, Ltd. coordinated under the Information Security Early Warning Partnership.
Other Information
JPCERT Alert |
|
JPCERT Reports |
|
CERT Advisory |
|
CPNI Advisory |
|
TRnotes |
|
CVE |
CVE-2020-5685 |
CVE-2020-5686 |
|
JVN iPedia |
JVNDB-2021-000001 |
Update History
- 2021/03/25
- Information under [Credit] was updated.