Command Injection and Path Traversal in StoneFly Storage Concentrator

Cyber Labs

August 16, 2024

CVE-2024-30213, CVE-2024-31947: Blind Operating System Command Injection and Path Traversal in StoneFly Storage Concentrator

Aon discovered two security vulnerabilities in StoneFly Storage Concentrator (SC) and Storage Concentrator Virtual Machine (SCVM): a blind operating system command injection leading to arbitrary command execution, and a path traversal leading to information disclosure. Both require an authenticated user. The vulnerabilities affect SC and SCVM running version 8.0.4.25 and below, and were discovered by Aon team member David Glenn Baylon.

Aon would like to thank StoneFly for working with us as part of our coordinated disclosure process.

Timeline

  • 01/09/24 – Initial disclosure to [email protected]
  • 01/16/24 – Issues confirmed by StoneFly
  • 04/24/24 – CVEs assigned by StoneFly
  • 07/01/24 – StoneFly SC and SCVM patches released
  • 07/08/24 – CVE-2024-30213 advisory published
  • 07/11/24 – CVE-2024-31947 advisory published
  • 08/16/24 – Aon advisory published

Vulnerability Listing

  • CVE-2024-30213 - Blind Operating System Command Injection
  • CVE-2024-31947 - Path Traversal

CVE-2024-30213 - Blind Operating System Command Injection

Overview

StoneFly SC and SCVM are vulnerable to authenticated blind operating system command injection. The injection is blind: the output of the injected command is not returned in the application's response, so execution is confirmed through side effects such as time delays, file writes or out-of-band connections rather than through echoed output. Successful exploitation leads to privileged arbitrary command execution, resulting in complete compromise of the affected SC or SCVM.
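
The following is an added, generic illustration of the vulnerability class, not StoneFly's code and not the injection point found in SC/SCVM (the advisory does not disclose it). It contrasts a handler that interpolates a user-controlled host parameter into a shell string with a hardened one that validates the value against an allowlist and passes an argv list with no shell. The diagnostic command (`echo` standing in for something like `ping`), the parameter name and the marker-file payload are assumptions constructed for the demonstration.

```python
import re
import subprocess
import tempfile
from pathlib import Path

# Strict allowlist for a hostname parameter: no shell metacharacters, and no
# leading "-" so the value cannot be parsed as an option by the called program
# (argument injection), which passing an argv list alone does not prevent.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")


def run_diagnostic_unsafe(host: str, cwd: str) -> int:
    """Vulnerable pattern: user input interpolated into a shell command string.

    'echo' stands in for a real network diagnostic such as ping (assumption).
    Only the exit status is returned, so the injection is blind: the caller
    never sees the output of whatever the attacker appended after a ';'.
    """
    cmd = f"echo probing {host}"
    return subprocess.run(cmd, shell=True, cwd=cwd,
                          stdout=subprocess.DEVNULL).returncode


def run_diagnostic_safe(host: str, cwd: str) -> int:
    """Hardened: validate against an allowlist, then pass argv with no shell."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    argv = ["echo", "probing", host]          # no shell ever parses this
    return subprocess.run(argv, cwd=cwd, stdout=subprocess.DEVNULL).returncode


def injection_succeeded(handler) -> bool:
    """Feed a constructed blind-injection payload to a handler and report whether
    its side effect (a marker file in the working directory) appeared."""
    payload = "127.0.0.1; echo injected > marker.txt"   # constructed test input
    with tempfile.TemporaryDirectory() as d:
        try:
            handler(payload, d)
        except ValueError:
            pass                       # the safe handler refused the input
        return (Path(d) / "marker.txt").exists()


if __name__ == "__main__":
    for name, handler in (("unsafe", run_diagnostic_unsafe),
                          ("safe", run_diagnostic_safe)):
        state = "compromised" if injection_succeeded(handler) else "intact"
        print(f"{name} handler: {state}")
```

The marker file plays the role of the side channel an attacker uses against a blind injection point; in a real assessment the equivalent is a `sleep`, a DNS lookup to a listener, or a file the attacker can later retrieve. The hardened variant rejects the payload before any process is spawned, and the allowlist also blocks a leading `-`, which `shell=False` on its own would pass straight through as a program option.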

Remediation

Refer to the vendor pages listed under Vendor Advisory for a complete list of product versions in which this vulnerability has been fixed and further instructions on how to upgrade the affected systems.

CVE-2024-31947 - Path Traversal

Overview

StoneFly SC and SCVM are vulnerable to authenticated path traversal. Successful exploitation allows an authenticated user to read files outside the directory the application intends to expose, leading to disclosure of sensitive information.
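
The following is an added, generic illustration of path traversal and its fix, not StoneFly's code and not the affected endpoint in SC/SCVM (the advisory does not disclose it). It shows a file reader that joins a user-supplied name onto a base directory with no containment check beside a hardened reader that canonicalises the path and requires it to stay inside the base, and exercises both against normal, `../`, absolute-path and symlink inputs. The directory layout and file contents are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path


def read_file_unsafe(base: str, requested: str) -> str:
    """Vulnerable pattern: the user-supplied name is joined onto the base directory
    with no containment check. "../" climbs out of base, and an absolute path makes
    os.path.join discard base entirely."""
    return Path(os.path.join(base, requested)).read_text()


def read_file_safe(base: str, requested: str) -> str:
    """Hardened: canonicalise both sides, then require the target to sit under base.

    resolve() collapses ".." and follows symlinks, so a link inside base that points
    outside it is rejected too. Comparing path components rather than string
    prefixes avoids the "/srv/data" vs "/srv/data2" prefix mistake.
    """
    root = Path(base).resolve()
    target = (root / requested).resolve()     # absolute `requested` replaces root here
    if root not in target.parents:
        raise PermissionError(f"path escapes base directory: {requested!r}")
    if not target.is_file():
        raise FileNotFoundError(requested)
    return target.read_text()


def demo() -> dict:
    """Build a constructed directory tree and run both readers against several
    inputs. Returns file contents, or 'rejected' where the safe reader refused."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        public = root / "public"                               # the served tree
        public.mkdir()
        (public / "readme.txt").write_text("public content")
        (root / "secret.txt").write_text("secret content")     # outside the served tree
        cases = {
            "normal": "readme.txt",
            "traversal": "../secret.txt",
            "absolute": str(root / "secret.txt"),
        }
        try:
            (public / "link").symlink_to(root / "secret.txt")  # link inside, target outside
            cases["symlink"] = "link"
        except OSError:
            pass                       # platform without symlink support; skip that case
        results["unsafe_traversal"] = read_file_unsafe(str(public), cases["traversal"])
        for name, req in cases.items():
            try:
                results["safe_" + name] = read_file_safe(str(public), req)
            except PermissionError:
                results["safe_" + name] = "rejected"
    return results


if __name__ == "__main__":
    for key, value in sorted(demo().items()):
        print(f"{key:18s} {value}")
```

The unsafe reader hands back the file one level above the served tree, which is the information-disclosure outcome described above. Note that rejecting the literal string `..` is not sufficient on its own: URL-encoded variants, absolute paths and symlinks all bypass a string filter, which is why the hardened version decides on the resolved filesystem path rather than on the request text.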

Remediation

Refer to the vendor pages listed under Vendor Advisory for a complete list of product versions in which this vulnerability has been fixed and further instructions on how to upgrade the affected systems.

Aon’s Thought Leader
  • David Glenn Baylon
    Senior Consultant, Security Testing, Cyber Solutions

About Cyber Solutions:

Aon’s Cyber Solutions offers holistic cyber risk management, unsurpassed investigative skills, and proprietary technologies to help clients uncover and quantify cyber risks, protect critical assets, and recover from cyber incidents.

General Disclaimer

This document is not intended to address any specific situation or to provide legal, regulatory, financial, or other advice. While care has been taken in the production of this document, Aon does not warrant, represent or guarantee the accuracy, adequacy, completeness or fitness for any purpose of the document or any part of it and can accept no liability for any loss incurred in any way by any person who may rely on it. Any recipient shall be responsible for the use to which it puts this document. This document has been compiled using information available to us up to its date of publication and is subject to any qualifications made in the document.

Terms of Use

The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.