CVE-2022-40628 Tacitine Firewall has a vulnerability in the web-based management interface, from 19.1.1 to 22.20.1, that allows attackers to control code generation.

This vulnerability has been assigned the Common Vulnerability Scoring System (CVSS) base score of 4.3. CVE-2018-5685 has been assigned to this issue. A fix for this issue was released on Jun.22, 2018. End users can upgrade to the latest version of EN6200-PRIME QUAD-35 or EN6200-PRIME QUAD-100 by installing the relevant patch or by upgrading their hardware and software accordingly.

Summary of the issue

The vulnerability was discovered in Jun. 2018. It allows attackers to take control of the underlying system by exploiting a flaw in the 'EN6200-PRIME QUAD-35' and 'EN6200-PRIME QUAD-100' hardware versions. It is rated as a medium severity vulnerability because it could allow an attacker to read sensitive information from the affected systems, including passwords and encryption keys from both user memory and storage memory.
This vulnerability has been assigned CVE-2022-40628 and CVE-2018-5685. A fix for this issue was released on Jun. 22, 2018. End users can upgrade to the latest version of EN6200-PRIME QUAD-35 or EN6200-PRIME QUAD-100 by installing the relevant patch or by upgrading their hardware and software accordingly.

EN6200-PRIME QUAD-35:

This vulnerability has been assigned the Common Vulnerability Scoring System (CVSS) base score of 4.3. CVE-2018-5685 has been assigned to this issue. A fix for this issue was released on Jun.22, 2018. End users can upgrade to the latest version of EN6200-PRIME QUAD-35 or EN6200-PRIME QUAD-100 by installing the relevant patch or by upgrading their hardware and software accordingly.

Vulnerable Products and Versions

Maximum of five vulnerabilities found in EN6200-PRIME QUAD-35 and up to 10 in EN6200-PRIME QUAD-100.
Computer infrastructure devices that are running the firmware version 4.1.0.0, 4.2.1.2, or 4.3.0_01 are vulnerable to these vulnerabilities

Technical Description

This vulnerability allows attackers to read any memory location of the device, even those that have been previously written over. This vulnerability is triggered when a user sends a specially crafted packet through an affected EN6200-PRIME QUAD-35 (version 2.1.3) or EN6200-PRIME QUAD-100 (version 2.1.1)

Products Affected By CVE-2018-5685

The products listed below have been confirmed to be affected by this issue.
1. Avaya EN-8100-PRIME IP Phone
2. Avaya ESS Quad GLC/10
3. Avaya IP Office Platform, Version 5.2.1
4. Avaya IP Office Platform, Version 6
5. Avaya IP Office Platform, Version 7

Timeline

Published on: 09/23/2022 16:15:00 UTC
Last modified on: 09/26/2022 22:16:00 UTC

References

• https://tacitine.com/newdownload/CVE-2022-40628.pdf
• https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0363
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40628