CERT VU:236668
Samsung Data Management Server vulnerable to SQL injection
Published: May 06, 2011
Source: www.kb.cert.org

CVSS2 base score: 7.5 (High)
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.003 (Low), percentile 70.4%

Overview

The Samsung Integrated Management System DMS (Data Management Server) is used to manage several air conditioning units. The DMS contains a built-in web server whose authentication form is susceptible to SQL injection attacks.

Description

The DMS application’s authentication form can be bypassed with SQL injection attacks. Versions 1.3.3, 1.4.1 and 1.4.2 are reported to be affected. Other versions may also be affected. More details can be found in ICS-CERT’s 11-069-01 advisory.
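The advisory does not publish the DMS code, so the following is an added illustration (not Samsung's code) of the bug class it describes: a login check that splices the submitted username into the SQL text, beside the same check written with bound parameters. The table and column names, the credentials and the crafted input are all constructed for this example; SHA-256 stands in for a real password hash only to keep the code short.

```python
import hashlib
import sqlite3


def _hash(password):
    # SHA-256 keeps the example short; a real system would use a slow,
    # salted password hash (bcrypt, scrypt, Argon2) instead.
    return hashlib.sha256(password.encode()).hexdigest()


def build_db():
    """Constructed sample database. The DMS schema is not public, so the
    table and column names here are assumptions for this illustration."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT, role TEXT)"
    )
    conn.execute(
        "INSERT INTO users VALUES (?, ?, ?)",
        ("admin", _hash("correct-horse-battery"), "administrator"),
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Login check that splices the submitted username into the SQL text.
    A quote or comment marker in the input becomes part of the statement,
    so the WHERE clause can be rewritten by whoever fills in the form.
    Returns the matched role, or None when no row matches."""
    sql = "SELECT role FROM users WHERE username = '%s' AND pw_hash = '%s'" % (
        username,
        _hash(password),
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Same check with bound parameters: the driver passes the input as
    data, never as SQL text, so it cannot alter the statement's structure."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND pw_hash = ?",
        (username, _hash(password)),
    ).fetchone()
    return row[0] if row else None


def demo():
    """Run both checks against the same constructed input and report results."""
    conn = build_db()
    # Constructed input: the quote closes the string literal and "--" turns
    # the rest of the statement, including the password comparison, into a
    # comment. The parameterized version treats it as a literal username.
    crafted = "admin' --"
    return {
        "vulnerable_crafted": login_vulnerable(conn, crafted, "wrong"),
        "hardened_crafted": login_parameterized(conn, crafted, "wrong"),
        "hardened_valid": login_parameterized(conn, "admin", "correct-horse-battery"),
    }


if __name__ == "__main__":
    for name, role in demo().items():
        print(name, role)
```

The vulnerable variant returns the administrator role without a valid password, which is the authentication bypass the advisory describes; the parameterized variant returns nothing for the same input and still accepts the genuine credentials. Any ORM or driver that binds parameters gives the same protection; what matters is that user input never reaches the SQL parser as statement text.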


Impact

An attacker can bypass authentication and access the web server as an administrative user.


Solution

Apply an Update

Samsung has provided a DMS Update Guide explaining how to apply the 1.4.3 patch. The patch and “DMS Updater Plus” application can be found on Samsung’s download site.


Restrict Access

Firewall rules should restrict access to the DMS web server to trusted sources only.


Vendor Information


Samsung: Affected
Notified: December 08, 2010. Updated: December 08, 2010.
Status: Affected
Vendor Statement: We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.


Acknowledgements

Thanks to José A. Guasch from SecurityByDefault.com for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

CVE IDs: CVE-2010-4284
Date Public: 2011-05-06
