WebUI vulnerabilities expose system admin portals

Check Point : 22 October, 2014  (Technical Article)
Security experts at Check Point have discovered WebUI vulnerabilities in System Admin Portals enabling administrator credential theft

Check Point's Security Research Group has discovered vulnerabilities in the Admin WebUI portals of three network security vendors.  If targeted and exploited, these vulnerabilities would give hackers administrative control over the vendors’ security gateways, potentially leaving business networks exposed to attacks.  In the wake of the recent ShellShock WebUI vulnerability, these additional vulnerabilities further increase exposure for certain security vendors.

“Check Point shared its findings with the affected vendors as part of its duty for responsible disclosure of vulnerabilities,” said Oded Vanunu, security research group manager at Check Point Software Technologies. “Check Point is committed to ensuring the security of all organizations. As such, we are obligated to raise awareness of the vulnerabilities that can affect Admin WebUI portals.  We strongly recommend that organizations using WebUI check with their vendors to ensure that they are not exposed to the uncovered vulnerabilities.”

The vulnerabilities were discovered using a combination of Cross-site Scripting (XSS), Cross-site Request Forgery (CSRF) and phishing attacks. To mitigate the risk of Admin WebUI exploits, Check Point strongly recommends that organizations using security products with a WebUI portal implement the following best practices:

* Use a dedicated web browser to manage the WebUI of security devices. Do not use this browser to open and use links from incoming emails, no matter how plausible the email seems to be.

* Use a dedicated management network (physical or logical) that is separate from the users’ Local Area Network (LAN).

* Use a dedicated server that is connected only to the security devices and has no connection to the public Internet. This dedicated server can be managed remotely via a terminal server or VPN connection using strong, two-factor authentication.

“The WebUI approach introduces multiple attack vectors and our research has shown 21 of 23 network security vendors use a WebUI to manage their product security configuration,” concluded Vanunu.

Check Point’s Malware and Security Research Groups regularly perform assessments of common security products to ensure the security of Internet users worldwide.

   © 2012 ProSecurityZone.com