Severe Flaw Disclosed In StackStorm DevOps Automation Software

March 11, 2019

Credit: The Hacker News

A security researcher has discovered a severe vulnerability in StackStorm, the popular open source event-driven automation platform, that could allow remote attackers to trick developers into unknowingly executing arbitrary commands on targeted services.

StackStorm, aka “IFTTT for Ops,” is a powerful event-driven automation tool for integrating services and tools. It lets developers configure actions, workflows, and scheduled tasks that carry out operations across large fleets of servers.

For example, you can set up “if this, then that” rules on the StackStorm platform to automatically upload network packet captures to a cloud-based network analysis service, such as CloudShark, whenever your security software detects an intrusion or malicious activity on the network.

Since StackStorm executes actions—which can be anything from an HTTP request to an arbitrary command—on the remote servers and services that developers integrate for automated tasks, the platform runs with quite high privileges.


According to the details Barak Tawily, an application security researcher, shared with The Hacker News prior to the release, the flaw resided in the way the StackStorm REST API improperly handled CORS (cross-origin resource sharing) headers, which ultimately enabled web browsers to perform cross-domain requests on behalf of users or developers authenticated to the StackStorm Web UI.


“Specifically what the StackStorm API returned for Access-Control-Allow-Origin. Prior to [StackStorm] 2.10.3/2.9.3, if the origin of the request was unknown, we would return null,” StackStorm said in a blog post about the vulnerability.

“As Mozilla’s documentation will show, and client behavior will back up, null can result in a successful request from an unknown origin in some clients. Allowing the possibility of XSS style attacks against the StackStorm API.”

The Access-Control-Allow-Origin header is a critical piece of resource security: it tells the browser which origins are permitted to read a site’s responses. If it is misconfigured on a site, other malicious sites can read that site’s resources in a cross-origin manner, using the credentials the victim’s browser already holds.
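As an added illustration (not StackStorm’s own code), here is a minimal model of the header logic the advisory describes: a handler that answers `null` for an unknown origin, beside a hardened version that only echoes origins from an explicit allowlist and otherwise omits the header, plus a simplified model of the browser-side check. All origin values are constructed placeholders.

```python
from typing import Optional

# Constructed allowlist of origins the Web UI is served from (placeholder values).
ALLOWED_ORIGINS = {"https://stackstorm.example.com", "https://ops.example.com"}


def vulnerable_acao(origin: Optional[str]) -> dict:
    """Pre-2.10.3/2.9.3 behaviour as described in the advisory: an unknown
    origin gets Access-Control-Allow-Origin: null. Pages whose origin
    serialises to 'null' (for example a sandboxed iframe) match that value,
    so a page the victim was lured to can read the authenticated response."""
    acao = origin if origin in ALLOWED_ORIGINS else "null"
    return {
        "Access-Control-Allow-Origin": acao,
        "Access-Control-Allow-Credentials": "true",
    }


def hardened_acao(origin: Optional[str]) -> dict:
    """Fixed behaviour: echo only an allowlisted origin. For any other or
    missing Origin, send no CORS headers at all so the browser blocks the
    cross-origin read. Never fall back to '*' or 'null' when credentials
    are allowed."""
    if origin is None or origin not in ALLOWED_ORIGINS:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        # Vary on Origin so a shared cache never serves one origin's
        # Access-Control-Allow-Origin value to a different origin.
        "Vary": "Origin",
    }


def browser_allows_read(response_headers: dict, page_origin: str) -> bool:
    """Simplified browser CORS check for a credentialed request: the
    Access-Control-Allow-Origin value must exactly equal the requesting
    page's serialised origin, and '*' is rejected when credentials are sent.
    A value of 'null' therefore matches a page whose origin is 'null',
    which is the loophole the advisory cites."""
    acao = response_headers.get("Access-Control-Allow-Origin")
    if acao is None or acao == "*":
        return False
    return acao == page_origin
```

Running `hardened_acao` against an unknown origin returns no CORS headers, which is what a defender should expect to see when auditing an API for this class of misconfiguration.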

To exploit this vulnerability (CVE-2019-9580), an attacker simply needs to send a maliciously crafted link to a victim, allowing the attacker to “read/update/create actions and workflows, get internal IPs and execute a command on each machine which is accessible by StackStorm agent.”

Tawily shared a proof-of-concept video with The Hacker News, demonstrating how the vulnerability in StackStorm could allow an attacker to take over any server accessible by the StackStorm agent.

The researcher shared his findings with the StackStorm team last week. The team acknowledged the issue and, within just two days, released StackStorm versions 2.9.3 and 2.10.3 to address the vulnerability.

DevOps teams are strongly advised to update StackStorm to version 2.9.3 or 2.10.3.


Credit: The Hacker News By: noreply@blogger.com (Mohit Kumar)