サイト内の現在位置

Multiple vulnerabilities in EXPRESSCLUSTER X

Number:NV21-015
CVE:CVE-2021-20700, CVE-2021-20701, CVE-2021-20702, CVE-2021-20703, CVE-2021-20704, CVE-2021-20705, CVE-2021-20706, CVE-2021-20707

Overview

EXPRESSCLUSTER X contains multiple vulnerabilities.

Buffer overflow in the Disk Agent function - CVE-2021-20700、CVE-2021-20701
Buffer overflow in the Transaction Server function - CVE-2021-20702、CVE-2021-20703
Buffer overflow in the compatible API function with previous versions - CVE-2021-20704
Remote file upload in the WebManager function - CVE-2021-20705、CVE-2021-20706
Read files in the Transaction Server function - CVE-2021-20707

Products Affected

EXPRESSCLUSTER X

Affected Version

CLUSTERPRO X 4.3 for Windows and earlier
EXPRESSCLUSTER X 4.3 for Windows and earlier
CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier
EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier

Solution

Please apply the patch.
https://www.support.nec.co.jp/View.aspx?id=3010103673
https://www.support.nec.co.jp/View.aspx?id=3010103678

Apply a Workaround

Please enable the firewall and block unnecessary communication.
 For the following ports, allow only hosts belonging to the cluster to accept connection requests.
  - Data transfer (default: 29002)
  - Communication between disk agents (default: 29004)
 For the following ports, allow only management client to accept connection requests.
  - WebManager HTTP port (default: 29003)
 For clpoldapi.exe process, allow only localhost to accept connection requests.

References

Credit

reported by Exodus Intelligence (exodusintel.com) for NEC-PSIRT

Update

2021/11/29
Solution Update
2021/10/29
First edition