CVE-2013-1350

9.1 CRITICAL

📋 TL;DR

Verax NMS prior to version 2.1.0 contains multiple security bypass vulnerabilities that allow attackers to circumvent authentication and authorization controls. This affects organizations using Verax Network Management System for monitoring network infrastructure. Attackers could gain unauthorized access to sensitive network management functions.

💻 Affected Systems

Products:
  • Verax Network Management System
Versions: All versions prior to 2.1.0
Operating Systems: Any OS running Verax NMS
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the network management system, leading to unauthorized configuration changes, service disruption, and potential lateral movement into managed network devices.

🟠 Likely Case

Unauthorized access to network monitoring data, configuration viewing/modification, and potential privilege escalation within the NMS.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls preventing external access to the NMS interface.

🌐 Internet-Facing: HIGH - If exposed to internet, attackers can bypass authentication without credentials.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit these vulnerabilities.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Multiple authentication bypass methods exist. Exploitation requires network access to the NMS web interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.1.0 or later

Vendor Advisory: No official vendor advisory found in provided references

Restart Required: Yes

Instructions:

1. Download Verax NMS version 2.1.0 or later from the vendor.
2. Back up the current configuration and data.
3. Stop Verax NMS services.
4. Install the updated version.
5. Restart services.
6. Verify functionality.

🔧 Temporary Workarounds

Network Segmentation

Platform: Linux

Restrict access to the Verax NMS web interface to trusted management networks only:

iptables -A INPUT -p tcp --dport [NMS_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
iptables -A INPUT -p tcp --dport [NMS_PORT] -j DROP

Web Application Firewall

Platform: All

Deploy a WAF with authentication bypass protection rules.

🧯 If You Can't Patch

  • Implement strict network access controls to limit NMS access to authorized administrators only
  • Monitor authentication logs for suspicious activity and failed login attempts

🔍 How to Verify

Check if Vulnerable:

Check Verax NMS version via web interface admin panel or configuration files. Versions below 2.1.0 are vulnerable.

Check Version:

Check web interface footer or /opt/verax/version.txt on Linux systems

Verify Fix Applied:

Verify version is 2.1.0 or higher and test authentication mechanisms work properly.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts followed by successful access
  • Access from unusual IP addresses without authentication logs
  • Configuration changes from unauthenticated users

Network Indicators:

  • HTTP requests bypassing authentication endpoints
  • Unusual traffic patterns to NMS web interface

SIEM Query:

source="verax_nms" AND (event_type="auth_failure" OR event_type="config_change") | stats count by src_ip
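The log indicators above can be checked outside a SIEM as well. The following Python script is an added example (not part of this advisory and not Verax NMS code); it assumes a constructed key=value log layout with timestamp, source IP, event type and user, since the real Verax NMS log format is not given here. It flags two of the patterns listed above: a burst of failed logins followed by a successful one from the same source, and a configuration change from a source that never authenticated, and it reproduces the per-source count that the SIEM query produces.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (assumed layout, not the real Verax NMS format).
SAMPLE_LOG = """\
2013-02-01T10:00:01 src=10.0.0.5 event=auth_failure user=admin
2013-02-01T10:00:03 src=10.0.0.5 event=auth_failure user=admin
2013-02-01T10:00:05 src=10.0.0.5 event=auth_failure user=admin
2013-02-01T10:00:09 src=10.0.0.5 event=auth_success user=admin
2013-02-01T10:05:00 src=192.168.1.20 event=config_change user=admin
2013-02-01T10:06:00 src=10.0.0.7 event=auth_success user=operator
2013-02-01T10:07:00 src=10.0.0.7 event=config_change user=operator
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) event=(?P<event>\S+) user=(?P<user>\S+)$"
)


def parse_log(text):
    """Parse lines in the assumed layout into dicts; non-matching lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        rec = m.groupdict()
        rec["ts"] = datetime.fromisoformat(rec["ts"])
        events.append(rec)
    return events


def count_by_src(events, kinds=("auth_failure", "config_change")):
    """Same aggregation as the SIEM query: auth_failure/config_change counts per source IP."""
    return Counter(e["src"] for e in events if e["event"] in kinds)


def detect(events, fail_threshold=3, window=timedelta(minutes=5)):
    """Return alerts for the two log indicators implemented here.

    failures_then_success: at least fail_threshold failed logins from one source
        within `window` before a successful login from that source.
    config_change_without_auth: a configuration change from a source that has no
        successful authentication earlier in the log.
    """
    alerts = []
    recent_failures = defaultdict(list)  # src -> timestamps of failed logins
    authenticated = set()                # sources with a successful login seen so far
    for e in sorted(events, key=lambda e: e["ts"]):
        src, kind, ts = e["src"], e["event"], e["ts"]
        if kind == "auth_failure":
            recent_failures[src].append(ts)
        elif kind == "auth_success":
            fails = [t for t in recent_failures[src] if ts - t <= window]
            if len(fails) >= fail_threshold:
                alerts.append(("failures_then_success", src, len(fails)))
            recent_failures[src].clear()
            authenticated.add(src)
        elif kind == "config_change" and src not in authenticated:
            alerts.append(("config_change_without_auth", src, e["user"]))
    return alerts


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    for alert in detect(evts):
        print(alert)
    print(dict(count_by_src(evts)))
```

The threshold and window are tuning knobs; on a real deployment they should be set from the observed baseline of legitimate failed logins, and the regular expression adapted to the actual log layout.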
