SearchBlox Fixes File Exfiltration Issue
Monday, December 7, 2015 @ 12:12 PM gHale
SearchBlox produced a new version to mitigate a file exfiltration vulnerability in its web-based proprietary search engine application, according to a report on ICS-CERT.
This vulnerability, discovered by Oana Murarasu of Ixia, is remotely exploitable.
SearchBlox Version 8.3 suffers from the issue.
A successful attack on this vulnerability could allow exporting of the config file without admin login, overwriting the config file without admin login, and adding and deleting (nonadmin) users.
SearchBlox is a U.S.-based company that maintains an office in Virginia.
The affected product, SearchBlox, is a web-based proprietary search engine. SearchBlox officials said the products sees action across several sectors including commercial facilities, critical manufacturing, and information technology. SearchBlox estimates these products see use in 30 countries including the United States and Europe.
In the vulnerability, the config file could end up overwritten without admin login, which could allow the attacker to cause a crash.
CVE-2015-7919 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 10.0.
No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.
SearchBlox released a new version, SearchBlox 8.3.1, to mitigate the identified vulnerability. Click here to download the new version.