CVE-2018-6185 : What You Need to Know

Learn about CVE-2018-6185, a vulnerability in Cloudera Navigator Key Trustee KMS versions 5.12 and 5.13 allowing unauthorized remote access to purge and undelete API calls on encryption zone keys. Find mitigation steps and prevention measures.

Cloudera Navigator Key Trustee KMS versions 5.12 and 5.13 have a vulnerability that allows unauthorized remote access to purge and undelete API calls on encryption zone keys.

Understanding CVE-2018-6185

This CVE highlights a security issue in Cloudera Navigator Key Trustee KMS versions 5.12 and 5.13.

What is CVE-2018-6185?

The vulnerability in Cloudera Navigator Key Trustee KMS versions 5.12 and 5.13 allows unauthorized remote access to purge and undelete API calls on encryption zone keys.

The Impact of CVE-2018-6185

The default ACL values in Key Trustee KMS 5.12.0 and 5.13.0 are set to "*", so anyone with network access to the Key Trustee KMS who knows the name of an encryption zone key can execute the purge and undelete calls, potentially leading to data loss.

Technical Details of CVE-2018-6185

This section delves into the technical aspects of the vulnerability.

Vulnerability Description

Incorrect default ACL values in Cloudera Navigator Key Trustee KMS versions 5.12 and 5.13 allow unauthorized remote access to purge and undelete API calls on encryption zone keys.

Affected Systems and Versions

        Product: Not applicable
        Vendor: Not applicable
        Versions: 5.12 and 5.13

Exploitation Mechanism

The vulnerability arises from the default ACL values in Key Trustee KMS 5.12.0 and 5.13.0 being set to "*", enabling unauthorized remote access to purge and undelete API calls.

Mitigation and Prevention

Protecting systems from this vulnerability is crucial.

Immediate Steps to Take

        Update to a patched version of Cloudera Navigator Key Trustee KMS.
        Restrict network access to the Key Trustee KMS.
        Monitor API calls for suspicious activity.

Long-Term Security Practices

        Regularly review and update ACL values.
        Implement strong access controls and authentication mechanisms.
        Conduct security audits and penetration testing.
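
One way to carry out the ACL review listed above, as an added example that is not Cloudera's code or part of the original page: a Python check over a Hadoop-style ACL configuration file. The two `keytrustee.kms.acl.*` property names and the sample XML are assumptions constructed for illustration; the check also reports required ACLs that are unset, because those fall back to the shipped default.

```python
import xml.etree.ElementTree as ET

# Assumed property names for the purge and undelete ACLs; confirm them
# against the vendor documentation for your release before relying on this.
REQUIRED_ACLS = ("keytrustee.kms.acl.PURGE", "keytrustee.kms.acl.UNDELETE")

# Constructed sample in Hadoop configuration XML format (not from a real host).
SAMPLE_ACL_XML = """<configuration>
  <property><name>keytrustee.kms.acl.PURGE</name><value>*</value></property>
  <property><name>hadoop.kms.acl.CREATE</name><value>keyadmin keyadmins</value></property>
  <property><name>hadoop.kms.acl.GET_KEYS</name><value> * </value></property>
</configuration>"""


def audit_acls(xml_text, required=REQUIRED_ACLS):
    """Return sorted (property, finding) pairs for ACLs open to everyone."""
    root = ET.fromstring(xml_text)
    seen = {}
    for prop in root.iter("property"):
        name = (prop.findtext("name") or "").strip()
        if ".acl." in name:
            seen[name] = (prop.findtext("value") or "").strip()
    # An explicit "*" grants the operation to every caller.
    findings = [(n, "explicit wildcard") for n, v in seen.items() if v == "*"]
    # An ACL that is not set falls back to the shipped default, which this
    # page says is "*" on 5.12.0 and 5.13.0, so absence is a finding too.
    findings += [(n, "unset, default applies") for n in required if n not in seen]
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit_acls(SAMPLE_ACL_XML):
        print(f"{name}: {finding}")
```
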

Patching and Updates

Ensure timely installation of security patches and updates for Cloudera Navigator Key Trustee KMS.
