Critical vulnerability in Hewlett Packard Enterprise products exposes affected systems to hackers

Hewlett Packard Enterprise (HPE) has issued a security alert inviting its users to apply the patch that will address a flaw in Edgeline Infrastructure Manager (EIM), one of its main application management solutions. According to the report, successful exploitation of this vulnerability would allow threat actors to bypass the authentication mechanism in this product to infiltrate their cloud infrastructure.

The vulnerability received a score of 9.8/10 on the Common Vulnerability Scoring System (CVSS) scale and resides in all EIM versions prior to v1.21. This is an edge-computing management suite released a couple of years ago.

Experts from security firm Tenable identified the flaw (tracked as CVE2021-29203) in early 2021, submitting the report to HPE on February 1. The company released a patch along with many other multi-failure fixes for products used in operating systems such as CentOS 7, Red Hat Enterprise Linux, SUSE and multiple versions of Windows.

In its report HPE briefly details the findings: “A severe vulnerability has been detected in EIM, also known as HPE Edgeline Infrastructure Manager Software. This flaw could be exploited remotely to bypass system authentication and allow threat actors privileged access, leading to denial of service scenarios and arbitrary configuration modifications.”

On the other hand, experts from Tenable mention that the flaw is related to an error in the way HPE handles password reset for administrator accounts: “When a user first logs in to the application with a default administrator password, the user is prompted to change the account password. The change is made by sending a request to URL/redfish/v1/SessionService/ResetPassword/1; however, after the password change, an unauthenticated remote attacker can use the same URL to reset the administrator account password.”

All an attacker has to do next is log in to the web application with the updated administrator password by sending a request to URL/redfish/v1/SessionService/Sessions. Researchers conclude by mentioning that a malicious hacker could change the password of the operating system root account by sending a request to URL/redfish/v1/AccountService/Accounts/1.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.