JVN#42665874
"Shadankun Server Security Type" vulnerable to denial-of-service (DoS)
Overview
"Shadankun Server Security Type" contains a denial-of-service (DoS) vulnerability where newly detected attack source IP addresses can not be added as blocking targets for a certain time.
Products Affected
- Shadankun Server Security Type (excluding normal blocking method types) Ver.1.5.3 and earlier
Description
"Shadankun Server Security Type" provided by Cyber Security Cloud , Inc. contains a denial-of-service (DoS) vulnerability. When "Rule id"s assigned by the product's internal script overlap, it would not be able to add newly detected attack source IP addresses as the blocking targets (CWE-703).
The overlaps of "Rule id"s occur under following conditions:
- When multiple attack requests are sent from a large number of source IP addresses in under 10 microseconds
- When attack requests from more than one source IP addresses occurred at the same time by the minute/10 microsecond to 100 millisecond units, but different time by the second
Impact
A remote attacker may be able to cause a denial-of-service (DoS) where newly detected attack source IP address can not be added as blocking targets.
Solution
Replace the script file
Replace the script file used in the product with the updated script file, according to the information provided by the developer.
Vendor Status
| Vendor | Link |
| Cyber Security Cloud , Inc. | 【Important】Shadankun vulnerable to denial-of-service (DoS) (CVE-2020-5622) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
| Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
|---|---|---|---|---|
| Attack Complexity(AC) | High (H) | Low (L) | ||
| Privileges Required(PR) | High (H) | Low (L) | None (N) | |
| User Interaction(UI) | Required (R) | None (N) | ||
| Scope(S) | Unchanged (U) | Changed (C) | ||
| Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
| Integrity Impact(I) | None (N) | Low (L) | High (H) | |
| Availability Impact(A) | None (N) | Low (L) | High (H) |
| Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
|---|---|---|---|
| Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
| Authentication(Au) | Multiple (M) | Single (S) | None (N) |
| Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
| Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
| Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Credit
Other Information
| JPCERT Alert |
|
| JPCERT Reports |
|
| CERT Advisory |
|
| CPNI Advisory |
|
| TRnotes |
|
| CVE |
CVE-2020-5622 |
| JVN iPedia |
JVNDB-2020-000060 |