{"id":19560,"date":"2022-01-07T14:34:13","date_gmt":"2022-01-07T13:34:13","guid":{"rendered":"https:\/\/relnet.hu\/?p=19560"},"modified":"2022-01-07T14:53:52","modified_gmt":"2022-01-07T13:53:52","slug":"serulekenyseg-a-stormshield-sns-tuzfalak-szoftvereben","status":"publish","type":"post","link":"https:\/\/relnet.hu\/en\/serulekenyseg-a-stormshield-sns-tuzfalak-szoftvereben\/","title":{"rendered":"Vulnerability in the software of Stormshield SNS firewalls!"},"content":{"rendered":"<p>The 4.2 versions use a more resistant key generation algorithm than earlier versions. However, their password change function does not in every case remove the keys of the old algorithm, so these remain accessible in the affected versions even after a password change.<br \/>\n<br \/>For console access, the default password remains functional only in the special case where the software update is performed on the hardware in its default configuration without a prior password change (new product, default configuration or USB recovery).<br \/>\n<br \/>Updating to version 4.2.8 fully remedies the vulnerability. In that case no further action is needed on the affected firewalls. However, the risk can also be eliminated by manually deleting the residual keys. 
A detailed description of the procedure is available, after logging in, <a href=\"https:\/\/communication.stormshield.com\/e\/875021\/n-account-authentication-issue\/4mww5r\/209962240?h=Y94Fcj0b_WkMjR9c6oZ7F7Rw00JT8jBQbibyo7NDQaA\">here<\/a>.<br \/>\n<br \/>The issue does not affect virtual SNS appliances.<br \/>\n<br \/>Vulnerability parameters:<br \/>\n<br \/>\u2022\tReference number: CVE-2021-45885<br \/>\n<br \/>\u2022\tCVSS score: 8.4<br \/>\n<br \/>\u2022\tAffected versions: 4.2.2 to 4.2.7 on physical SNS firewalls<br \/>\n<\/p>\n<h5>Source<\/h5>\n<p><a href=\"https:\/\/advisories.stormshield.eu\/2021-069\/\">SNS: Lack of old ssh password cleanup<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Stormshield is informing its partners and users that it has discovered a vulnerability in the software of its physical-appliance Network Security firewalls. 
The security hole arises if the default \u201cAdmin\u201d SSH password is not changed before updating to one of the versions from 4.2.2 to 4.2.7.<\/p>\n","protected":false},"author":1086,"featured_media":19571,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[590],"tags":[76,2402,1060,2208],"yst_prominent_words":[],"class_list":["post-19560","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-stormshield","tag-serulekenyseg","tag-sns","tag-tuzfal","tag-vallalati-tuzfal"],"_links":{"self":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/19560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/users\/1086"}],"replies":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/comments?post=19560"}],"version-history":[{"count":7,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/19560\/revisions"}],"predecessor-version":[{"id":19574,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/19560\/revisions\/19574"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media\/19571"}],"wp:attachment":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media?parent=19560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/categories?post=19560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/tags?post=19560"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/yst_prominent_words?post=19560"}],"curies":[{"name"
:"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}