This week’s giant data breach story was Equifax, the credit score reporting agency hadn’t patched an Apache Struts vulnerability putting personal information on 143 million consumers at risk. The bad news? Odds are your data is included in the breach. The good news? If you are an Uplogix user, this vulnerability was already patched.
Uplogix Local Management Software v5.4.2 included the fix for the CVE-2017-5638 “Strutshock” vulnerability out of an abundance of caution because our use of Struts doesn’t meet the initial configuration detailed in the exploit. Not sure what Uplogix version you are running? Check out the Uplogix Support Site for all patch downloads and information.
This breach of data for a well-known information company like Equifax is less shocking with the revelation of another security hole reported this week:
Equifax’s Argentinean website left administrator access (including databases of consumer’s personal information) guarded by the ultra-difficult user/password login combo of admin/admin. It allowed anyone to add or remove employee accounts for the system, as well as see their passwords by simply viewing the source of a webpage, or access the personal data of anyone (including DNI — their equivalent to a social security number) who had ever disputed a report. (source: engadget)
Uplogix probably isn’t going to solve rookie problems like default passwords, but we do maintain and enforce AAA (authentication, authorization and accounting) for managed devices whether your network is up or down. Under normal circumstances, Uplogix Local Managers (LMs) integrate with remote multi-factor authentication mechanisms, such as TACACS and Radius, but if connectivity is lost, the LM can failover to other AAA servers before falling back on cached authentication data to maintain authorized access.
Unauthorized user access can be prevented by having Uplogix automatically closing idle sessions, eliminating a potential security gap. Uplogix also ensures that the right users have the right access by enforcing granular, role-based permissions.
Audit and compliance reporting is maintained by constantly logging all changes made to managed devices and the results of these changes.
Hopefully when you go check out the Equifax site to see if your information was compromised, you get this message: