Detections
Analytics

HP Data Protector Hard-coded Cryptographic Key (HPSBGN03580)

critical Nessus Plugin ID 90941

Language:

Synopsis

An application running on the remote host utilizes an embedded SSL private key.

Description

The HP Data Protector application running on the remote host contains an embedded SSL private key that is shared across all installations.
An attacker can exploit this to perform man-in-the-middle attacks against the host or have other potential impacts.

Solution

Apply the appropriate patch according to the vendor's advisory.

See Also

http://www.nessus.org/u?b20bcde7

https://www.kb.cert.org/vuls/id/267328/

Plugin Details

Severity: Critical

ID: 90941

File Name: hp_data_protector_hardcoded_private_key.nasl

Version: 1.8

Type: remote

Family: Misc.

Published: 5/6/2016

Updated: 4/11/2022

Configuration: Enable paranoid mode, Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:hp:data_protector

Required KB Items: Settings/ParanoidReport

Excluded KB Items: global_settings/disable_test_ssl_based_services

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/18/2016

Vulnerability Publication Date: 4/22/2016

Exploitable With

Metasploit (HP Data Protector Encrypted Communication Remote Command Execution)

Reference Information

CVE: CVE-2016-2004

CERT: 267328

HP: HPSBGN03580, PSRT102293, SSRT102163, emr_na-c05085988