Skip to the content.

DIVD-2022-00055 - Server Management Interfaces security issues

Our reference DIVD-2022-00055
Case lead Pepijn van der Stap
Researcher(s)
CVE(s)
  • n/a
Product n/a
Versions any. For hardware it depends on the firmware shipped by the hardware vendor
Recommendation If you received a notification of a vulnerability, patch your system with the information provided in the notification.
Patch status n/a
Status Open
Last modified 11 Jan 2023 18:58

Summary

DIVD started looking for vulnerabilities regarding (hardware) server management interfaces, worldwide. These interfaces are often exposed to the internet and are not protected by default. This makes them a target for attackers. DIVD is researching vulnerabilities in (hardware) server management interfaces globally and notifying the owners of misconfigured services.

What you can do

IT and IT security teams should consider putting the instance on a separate network, and only allow access to it from a trusted network, via a stepping stone/bastion server, or via VPN. This will prevent attackers from accessing the management interface from the internet.

What we are doing

Timeline

Date Description
08 Oct 2022 DIVD starts investigating the scope of management interfaces.
10 Dec 2022 DIVD starts looking for servers that are vulnerable to CVE-2013-4786.
11 Dec 2022 DIVD starts notifying the owners of servers affected by CVE-2013-4786.
14 Dec 2022 DIVD shares information about the affected servers in the Netherlands with the Digital Trust Center & het Nederlands Security Meldpunt.
08 Jan 2023 DIVD performs another worldwide scan for vulnerable management interfaces, informing the owners of the affected servers and shares relevant data with Digital Trust Center & het Nederlands Security Meldpunt.
gantt title DIVD-2022-00055 - Server Management Interfaces security issues dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2022-00055 - Server Management Interfaces security issues (still open) :2022-10-08, 2024-03-04 section Events DIVD starts investigating the scope of management interfaces. : milestone, 2022-10-08, 0d DIVD starts looking for servers that are vulnerable to CVE-2013-4786. : milestone, 2022-12-10, 0d DIVD starts notifying the owners of servers affected by CVE-2013-4786. : milestone, 2022-12-11, 0d DIVD shares information about the affected servers in the Netherlands with the Digital Trust Center & het Nederlands Security Meldpunt. : milestone, 2022-12-14, 0d DIVD performs another worldwide scan for vulnerable management interfaces, informing the owners of the affected servers and shares relevant data with Digital Trust Center & het Nederlands Security Meldpunt. : milestone, 2023-01-08, 0d

More information