Contents x
    Edge Filer Security Vulnerability
    • 15 Feb 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Edge Filer Security Vulnerability

    • Updated on 15 Feb 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Vulnerability Description

    A vulnerability has been identified in the CTERA Edge Filer administrative interface that allows authenticated users to escalate their privileges. This vulnerability has been assessed by CTERA to have a moderate to high level of severity.

    Vulnerability Details

    Publication Date: Jan 31 2022

    CTERA CVSS score of 6.2  

    Affected CTERA Products

    • CTERA Edge Filer (All versions before 7.3.2376.27)

    Analysis

    This vulnerability is considered critical, as a logged in user that has write access to a file's extended attributes may execute arbitrary code .

    CTERA products other than CTERA Edge Filers are not affected.

    Workaround

    If upgrade is not possible, it is advisable to block access to the administrative interface of the Edge Filer (port 443) for non-administrative users.

    Permanent Solution

    CTERA Edge Filer 7.3.2376.27, contains a fix for this issue. Customers who have not upgraded to this or a higher version are advised to schedule a short maintenance window for installing this patch version on their edge filers.

    Vulnerability Remediation

    Was this article helpful?
    What's Next
    Copyright © CTERA Networks Ltd. All Rights Reserved