HP StoreFabric B-series switch – privilege escalation

15th August 2016 | _xamin_

Daniel Compton of Info-Assure Ltd discovered a security vulnerability within the operating system of the HP StoreFabric switches. This security vulnerably allowed a standard read only CLI user to execute commands as the root user of the device and read sensitive files.

Info-Assure urges all users of the HP StoreFabric B-series switches to upgrade to the fixed firmware versions.

As part of Info-Assures responsible disclosure program, we will not release any information until the vendor has patched the vulnerability. Once the vulnerability has been patched we will not disclose the exact details or exploitation methods for the vulnerability for 3 months. This gives all users of the product sufficient time to ensure they have updated their products and are protected against the issue.

Vulnerability type: Remote Disclosure of Privileged Information/Privilege escalation

Vendor: Hewlett Packard

Vulnerable product version: HPE B-series versions prior to FOS V7.4.1d and v8.0.1

Fixed product version: HPE B-series FOS V7.4.1d and v8.0.1

Vendor Patch Release: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05236212

Vendor Bug References: CVE-2016-4376, PSRT110173

Discovered: 16/09/2015

Reported: 18/09/2015

Vendor Fixed: 12/08/2016

Partial Disclosure: 15/08/2016

Full disclosure: tba.