Multiple vulnerabilities in EXPRESSCLUSTER X
Number: NV21-015
CVE: CVE-2021-20700, CVE-2021-20701, CVE-2021-20702, CVE-2021-20703, CVE-2021-20704, CVE-2021-20705, CVE-2021-20706, CVE-2021-20707
Overview
EXPRESSCLUSTER X contains multiple vulnerabilities.
Buffer overflow in the Disk Agent function - CVE-2021-20700, CVE-2021-20701
Buffer overflow in the Transaction Server function - CVE-2021-20702, CVE-2021-20703
Buffer overflow in the API function compatible with previous versions - CVE-2021-20704
Remote file upload in the WebManager function - CVE-2021-20705, CVE-2021-20706
File read in the Transaction Server function - CVE-2021-20707
Products Affected
EXPRESSCLUSTER X
Affected Version
CLUSTERPRO X 4.3 for Windows and earlier
EXPRESSCLUSTER X 4.3 for Windows and earlier
CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier
EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier
Solution
Please apply the patch.
4.x
https://www.support.nec.co.jp/View.aspx?id=3010103673
https://www.support.nec.co.jp/View.aspx?id=3010103678
3.x
https://support.pf.nec.co.jp/View.aspx?id=3140107057
https://support.pf.nec.co.jp/View.aspx?id=3140108604
Apply a Workaround
Please enable the firewall and block unnecessary communication.
For the following ports, accept connection requests only from hosts belonging to the cluster:
- Data transfer (default: 29002)
- Communication between disk agents (default: 29004)
For the following port, accept connection requests only from the management client:
- WebManager HTTP port (default: 29003)
For the clpoldapi.exe process, accept connection requests only from localhost.
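The workaround above as a concrete Windows Defender Firewall configuration, written with the built-in NetSecurity cmdlets. This is an added example, not part of the NEC advisory or NEC's own material. It assumes the three ports are TCP (the advisory does not state the protocol); the cluster node addresses, the management client address and the clpoldapi.exe path are placeholders that must be replaced with the values for the installation being hardened.

```powershell
# Added example (not from the NEC advisory): scope the EXPRESSCLUSTER ports named in the
# workaround to the hosts that legitimately need them, using Windows Defender Firewall.
# Assumptions: TCP for all three ports; the addresses and the program path are placeholders.

# --- Placeholders: replace with the real values for your environment ---
$ClusterHosts     = @('192.0.2.10', '192.0.2.11')   # other cluster nodes (constructed, RFC 5737 range)
$ManagementClient = @('192.0.2.100')                 # workstation(s) that use WebManager (constructed)
$ClpOldApiPath    = 'C:\PLACEHOLDER\EXPRESSCLUSTER\bin\clpoldapi.exe'   # replace with the actual install path

# Default ports from the advisory
$DataTransferPort = 29002   # Data transfer
$WebManagerPort   = 29003   # WebManager HTTP
$DiskAgentPort    = 29004   # Communication between disk agents

# Make sure inbound traffic is blocked by default so only the scoped allow rules below admit it.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# Cluster-internal ports: accept connection requests only from the other cluster nodes.
New-NetFirewallRule -DisplayName 'EXPRESSCLUSTER data transfer (cluster hosts only)' `
    -Direction Inbound -Protocol TCP -LocalPort $DataTransferPort `
    -RemoteAddress $ClusterHosts -Action Allow

New-NetFirewallRule -DisplayName 'EXPRESSCLUSTER disk agent (cluster hosts only)' `
    -Direction Inbound -Protocol TCP -LocalPort $DiskAgentPort `
    -RemoteAddress $ClusterHosts -Action Allow

# WebManager HTTP: accept connection requests only from the management client.
New-NetFirewallRule -DisplayName 'EXPRESSCLUSTER WebManager HTTP (management client only)' `
    -Direction Inbound -Protocol TCP -LocalPort $WebManagerPort `
    -RemoteAddress $ManagementClient -Action Allow

# clpoldapi.exe: accept connection requests only from localhost, whatever port it listens on.
# The rule records the intent; what keeps remote hosts out is the default inbound Block together
# with the absence of any broader allow rule for this program.
New-NetFirewallRule -DisplayName 'EXPRESSCLUSTER clpoldapi.exe (localhost only)' `
    -Direction Inbound -Program $ClpOldApiPath `
    -RemoteAddress @('127.0.0.1', '::1') -Action Allow

# Verify: show each new rule with the remote addresses it admits.
Get-NetFirewallRule -DisplayName 'EXPRESSCLUSTER*' | ForEach-Object {
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Enabled       = $_.Enabled
        RemoteAddress = ($addr.RemoteAddress -join ', ')
    }
} | Format-Table -AutoSize
```

Any allow rule that already exists for these ports and is broader than the new ones (for example a rule created at installation time that permits any remote address) would still admit traffic, so audit the existing rule set with Get-NetFirewallRule piped to Get-NetFirewallPortFilter and disable or narrow such rules. Do not add a blanket Block rule for the same ports: in Windows Defender Firewall, block rules take precedence over allow rules, so it would also cut off the cluster hosts and the management client.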
References
CVE-2021-20700
https://www.cve.org/CVERecord?id=CVE-2021-20700
CVE-2021-20701
https://www.cve.org/CVERecord?id=CVE-2021-20701
CVE-2021-20702
https://www.cve.org/CVERecord?id=CVE-2021-20702
CVE-2021-20703
https://www.cve.org/CVERecord?id=CVE-2021-20703
CVE-2021-20704
https://www.cve.org/CVERecord?id=CVE-2021-20704
CVE-2021-20705
https://www.cve.org/CVERecord?id=CVE-2021-20705
CVE-2021-20706
https://www.cve.org/CVERecord?id=CVE-2021-20706
CVE-2021-20707
https://www.cve.org/CVERecord?id=CVE-2021-20707
Credit
Reported by Exodus Intelligence (exodusintel.com) for NEC-PSIRT
Update
- 2022/04/15: Solution Update
- 2021/11/29: Solution Update
- 2021/10/29: First edition