PT-2024-10235 · Versa · Versa Director

Published: 2024-08-24 · Updated: 2024-11-27 · CVE-2024-45229

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Versa Director (affected versions not specified)

Description: The issue is related to the REST API in Versa Director, which is used for orchestration and management. Certain APIs, such as the login screen, banner display, and device registration, do not require authentication. However, it was discovered that for Directors directly connected to the Internet, one of these APIs can be exploited by injecting invalid arguments into a GET request, potentially exposing the authentication tokens of other currently logged-in users. These tokens can then be used to invoke additional APIs on port 9183. The exploit does not disclose any username or password information. The vulnerable API endpoints include "/vnms/devicereg/device/" (on ports 9182 and 9183) and "/versa/vnms/devicereg/device/" (on port 443).

Recommendations: As a temporary workaround, consider using a Web Application Firewall (WAF) or API Gateway to block access to the URLs of the vulnerable API. Upgrade to a remediated software version to fully resolve the issue. Restrict access to the vulnerable API endpoints to minimize the risk of exploitation. Contact Versa Technical Support or the Versa account team for further assistance.

Fix

Weakness Enumeration: Missing Authentication; Improper Authentication

Related Identifiers: BDU:2025-00582; CVE-2024-45229

Affected Products: Versa Director