Sap hana system exposed security vulnerabilities, static keys in the database

Source: Internet
Author: User

Sap hana system exposed security vulnerabilities, static keys in the database

 

SAP well-known Memory Database Management System HANA has been exposed to be installed ?? The static encryption key is stored in the database. Sap hana is the fastest growing product in SAP history.

Vulnerability Overview

ERPScan researchers showed the vulnerability at a black hat conference in Amsterdam. This team also recently announced configuration vulnerabilities in Oracle's PeopleSoft.

The encryption key is static, that is, all sap hana is installed with the same key by default. If attackers can read this key, they can attack multiple systems.

Alexander Polyakov, chief technology officer of ERPScan, said attackers can perform various attacks: such as SQL injection to steal keys in the SAP database, use directory traversal, or XXE injection (XML External Entity attack, XML external entity injection ). The default encryption key is used to protect data on the platform, including passwords and platform backups.

On the other hand, because SAP administrators rarely change the default encryption key, this also makes the platform vulnerable to attacks.

At the black hat conference, researchers Dmitry Chastuhin not only shared the encryption vulnerability, but also shared an SQL injection vulnerability in the Hana XS server.

 

Decrypt all data with the default key

"Some data is stored on disks, for example, the account, password, and key used to decrypt the storage point of a technician are stored in hdbuserstore," experts explained. This hdbuserstore is a simple file on the disk. It is encrypted using the 3DES algorithm and uses a static master key. Once you can read the file and decrypt it with the same static master key as each system, you will get the System user password and the key used for hard disk encryption. You can get all the data ."

ERPScan said that 100% still uses the default CMK to encrypt hdbuserstore among its customers.

Chastuhin also found that this problem also exists in the SAP mobile platform, that is, a default static key is used to encrypt data. Attackers can exploit the XXE vulnerability to obtain password-containing configuration files, use a static key for decryption.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.