Executive Summary

A vulnerability was identified in Netwrix Privilege Secure for Access Management when operating in a high availability (HA) active/passive configuration. In this configuration, a default password is used for database authentication of the replication connection.

While Netwrix is unaware of any current exploitation of this vulnerability, all Netwrix Privilege Secure for Access Management customers operating in a high availability active/passive configuration are advised to apply the available update and follow the updated configuration procedures immediately.

Acknowledgements

We thank Tomasz Wasiak from PFR Operacje for his coordinated disclosure of this vulnerability and his effort and partnership in improving the security of our products.

Vulnerability

Exploitability

Factors such as whether details about the vulnerability are publicly known, whether an exploit is readily available, or whether adversaries are actively exploiting the vulnerability are valuable in making risk-based judgments about urgency and priority; customers should use the information below in making those decisions.

Solution

All Netwrix Privilege Secure for Access Management customers using high availability active/passive configuration are advised to apply the available update immediately. This update is essential to remediating risk from the described vulnerability.

The update is available in the Netwrix Customer Portal, and will apply relevant updates to the application to remediate the vulnerability described in this document.

Post upgrade steps to complete the remediation of the vulnerability and reinstate High Availability can be found in the release notes for Netwrix Privilege Secure for Access Management 4.2 Hotfix 8.

Please contact the Netwrix technical support team should you need assistance.

Official Fixes

Updated software has been released containing official fixes for the vulnerability as indicated in the table below.

FAQ

1. How do I determine which version of Netwrix Privilege Secure for Access Management is in use?

   Version information is displayed at the bottom of the Netwrix Privilege Secure for Access Management login page.

2. Are deployments of Netwrix Privilege Secure for Access Management which do not use High Availability configuration affected?

   No, this vulnerability only affects customers using High Availability active/passive configuration.

3. Are deployments of Netwrix Privilege Secure for Access Management which use High Availability active/active configuration affected?

   No, this vulnerability only affects customers using High Availability active/passive configuration.

Revisions

Updates to this advisory may be made as necessary. Information about each change will be published in the table below.

Disclaimer

The information and materials included in or linked to this Security Advisory are provided on an “as-is” basis and without warranty of any kind, and we disclaim all representations and warranties of any kind, whether express or implied, including warranties of merchantability and fitness for a particular use. You acknowledge and agree that your use of the information and materials included in or linked to this Security Advisory are at your own risk.

An update was made to this advisory.