CVE-2024-42450

{"id": "CVE-2024-42450", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "support@hackerone.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2024-11-19T18:15:20.560", "references": [{"url": "https://security-portal.versa-networks.com/emailbulletins/6735a300415abb89e9a8a9d3", "source": "support@hackerone.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is also needed for High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres to listen on all network interfaces. This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system. \n\nExploitation Status:\nVersa Networks is not aware of this exploitation in any production systems. A proof of concept exists in the lab environment.\n\nWorkarounds or Mitigation:\nStarting with the latest 22.1.4 version of Versa Director, the software will automatically restrict access to the Postgres and HA ports to only the local and peer Versa Directors. For older releases, Versa recommends performing manual hardening of HA ports. Please refer to the following link for the steps https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Secure_HA_Ports \n\nThis vulnerability is not exploitable on Versa Directors if published Firewall guidelines are implemented. We have validated that no Versa-hosted head ends have been affected by this vulnerability. All Versa-hosted head ends are patched and hardened. \n\nPlease contact Versa Technical Support or Versa account team for any further assistance.\n\nSoftware Download Links:\n22.1.4: https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4"}, {"lang": "es", "value": "Versa Director utiliza PostgreSQL (Postgres) para almacenar datos operativos y de configuraci\u00f3n. Tambi\u00e9n es necesario para la funci\u00f3n de alta disponibilidad de Versa Director. La configuraci\u00f3n predeterminada tiene una contrase\u00f1a com\u00fan en todas las instancias de Versa Director. De forma predeterminada, Versa Director configura Postgres para escuchar en todas las interfaces de red. Esta combinaci\u00f3n permite que un atacante no autenticado acceda y administre la base de datos o lea el contenido del sistema de archivos local para aumentar los privilegios en el sistema. Estado de explotaci\u00f3n: Versa Networks no tiene conocimiento de esta explotaci\u00f3n en ning\u00fan sistema de producci\u00f3n. Existe una prueba de concepto en el entorno de laboratorio. Soluciones alternativas o mitigaci\u00f3n: a partir de la \u00faltima versi\u00f3n 22.1.4 de Versa Director, el software restringir\u00e1 autom\u00e1ticamente el acceso a los puertos Postgres y HA solo a los Versa Directors locales y de pares. Para versiones anteriores, Versa recomienda realizar un fortalecimiento manual de los puertos HA. Consulte el siguiente enlace para conocer los pasos https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Secure_HA_Ports Esta vulnerabilidad no se puede explotar en Versa Directors si se implementan las pautas de firewall publicadas. Hemos validado que ninguna de las cabeceras alojadas en Versa se haya visto afectada por esta vulnerabilidad. Todas las cabeceras alojadas en Versa est\u00e1n parcheadas y reforzadas. Comun\u00edquese con el soporte t\u00e9cnico de Versa o con el equipo de cuentas de Versa para obtener m\u00e1s ayuda. Enlaces de descarga de software: 22.1.4: https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4"}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "support@hackerone.com"}