Skip to content

A NETBIOS_SMB Share Password is the Default or Null or Missing

Updated  by hvuser
  • PDF
  • Print
  • Copy To Clipboard
  • Collapse All Expand All

Content

Priority:  High

Status: In Progress- Undergoing Analysis

 

First Published: September 26, 2023

Advisory Version: [1.0]

References:  CVE-1999-0519

 

Summary

A vulnerability exists in the SMB/NETBIOS implementation on legacy versions of the Windows and Windows NT/2000 operating systems. In summary, if an SMB share that has no access control is detected, on unpatched versions of these operating systems, access to the entire hard drive could be allowed. In Windows NT, it is common to find shares with all access enabled, since this is the default setting when a share is created. It is best to explicitly set the access control list on shares from the outset. If this vulnerability was detected on a version of Windows NT prior to Service Pack 3 (SP3), an attacker can use shares to cause the system to crash.

Affected Products

Vulnerable Products

The following matrix lists Hitachi Vantara products and solutions which have been confirmed to be affected by either of these vulnerabilities. If a Fixed Release Version is accompanied by a future date, the date is the best estimate we can provide based on current information and mitigation testing progress. If no Fixed Release Version is indicated for an affected product, Hitachi Vantara is continuing to evaluate the fix, and will update this advisory as additional information becomes available.

 

Product Fixed Release Version
Content Products
Content Platform

HCP is not vulnerable by default and is working as designed.   

By default, at the namespace level, only Authenticated Access is allowed.  A user would have to select the "Anonymous access only" option to enable this vulnerability.

The recommended mitigation action for a customer is to go through all existing namespaces and make sure no namespaces are using “Enable CIFS” and  “Anonymous access only” from the Tenant Management Console. In TMC, the namespaces with anonymous access have an alert icon with the hover text “Anonymous access allowed”. So the customer only needs to expand those namespaces with that alert.

Products Confirmed Not Vulnerable

At the time of this advisory's publication, only products listed in the Vulnerable Products section above are confirmed to be affected by this vulnerability.

Recommended Actions

 

If any of the information presented above remains unclear, please contact the Hitachi Vantara Global Support Center, or your Vantara-authorized service and support provider.

The information contained herein is for informational purposes only. It is not intended as a guaranty or warranty about Hitachi Vantara’s products, including any guaranty or warranty that any product cannot be exploited by third parties. All product warranties and obligations to a customer must be specified in a mutually acceptable and executed contract between the parties.