Japan Vulnerability NotesJVN:90872372JVN#90872372 WebSAM DeploymentManager vulnerable to denial of service
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.5%
WebSAM DeploymentManager is a product that manages the distribution of security patches. WebSAM DeploymentManager contains a denial of service (DoS) vulnerability.
Impact
On a server or workstation with “Client Service for DPM” installed, a remote attacker may shut down or restart the operating system.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Filter traffic using a firewall
Deny access to port 56010 for packets that do not have a source IP of the WebSAM DeploymentManager server.
For more information, refer to the developer’s website.
Products Affected
Servers or workstations that installed “Client Service for DPM” from the following products are vulnerable.
- WebSAM DeploymentManager Ver5.13 and earlier
The above mentioned WebSAM DeploymentManager is provided as part of the following products and are also affected by this vulnerability.
- SigmaSystemCenter 2.1 Update2 and earlier
- BladeSystemCenter all versions
- ExpressSystemCenter all versions
- VirtualPCCenter 2.2 and earlier
Related
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.5%