Number | Description | Affected versions | Resolution |
---|---|---|---|
CVE-2016-10708 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service | LTS SPS 5.0.x FR | Upgrade to SPS 6 LTS (OpenSSH version 7.6p1) |
CVE-2017-15906 | The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in read-only mode | LTS SSB 5.0.x FR | Upgrade to SPS 6 LTS (OpenSSH version 7.6p1) |
Known as “SACK Panic,” is an integer overflow vulnerability that can be triggered by a remote attacker sending a sequence of TCP Selective ACKnowledgements (SACKs) to a vulnerable system | ALL | https://support.oneidentity.com/kb/298990 | |
CVE-2019-11478 | It is an excess resource consumption vulnerability that can be triggered by a remote attacker sending a sequence of SACKs to a vulnerable system, resulting in the fragmentation of the TCP retransmission queue | ALL | https://support.oneidentity.com/kb/298990 |
CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks. | LTS SSB 5.0.x FR | Upgrade to SPS 6 LTS Configure TLS security settings |
CVE-2019-0708 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. | Configuration dependant, default "All" RDP channel policy | Do not allow *Custom* channel type in channel policy. Use Network Level Authentication when possible. Security updates may be installed on RDP target systems. |
CVE-2013-4786 | The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks. | Only hardware appliances MBX T1, T4 and T10 | The IPMI interface has known vulnerabilities that One Identity cannot fix or have an effect on. To avoid security hazards, One Identity recommends the followings. - Connect the IPMI interface to well-protected, separated management networks with restricted accessibility. |
CVE-2013-4037 | The RAKP protocol support in the IPMI implementation sends a password hash to the client, which makes it easier for remote attackers to obtain access via a brute-force attack. | Only hardware appliances MBX T1, T4 and T10 | The IPMI interface has known vulnerabilities that One Identity cannot fix or have an effect on. To avoid security hazards, One Identity recommends the followings. - Connect the IPMI interface to well-protected, separated management networks with restricted accessibility. |
Outdated version of OpenSSH / OpenSSL
Weak ciphers
Certificate Authenticity & Trust Chain Validation Issue
CA certificates used by SPS is missing from the scanner tool.
Download the following CA certificates and import into the scanner tool.
Number | Description | Reason for not being affected |
CVE-2015-3200 | mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication | mod_auth module is unused in lighttpd on SPS |
CVE-2018-19052 | An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. | mod_alias module is unused in lighttpd on SPS |
CVE-2018-10933 | A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. | libssh is unused in SPS |
CVE-2019-5599 | A bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service | Only FreeBSD is affected |
CVE-2019-1552 | OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. Windows builds with insecure path defaults. | Only Windows is affected |
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. | RDP implementation error in RDS which is loosely related to the protocol itself. RDP connections are not affected. Security updates may be installed on RDP target systems. |
Abbreviations
CA - Certificate Authority
RDP - Remote Desktop Protocol
RDS - Remote Desktop Services
SPS - One Identity Safeguard for Privileged Sessions
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center