Versa Director Default Credential Vulnerability Allowing Unauthorized Access

Vulnerability

A vulnerability exists in Versa Director software versions 22.1.4 (prior to the February 8, 2025 hot fix), 22.1.3 (through June 10, 2025), 22.1.2 (through June 10, 2025), 22.1.1, 21.2.3 (through June 10, 2025) and 21.2.2. The issue arises from the software exposing several services, including SSH and PostgreSQL, to the internet by default. Many accounts with sudo access use default credentials, creating an easy entry point for attackers.

Impact

Exploitation of this vulnerability could lead to unauthorized access and elevated privileges on the affected system, allowing attackers to perform actions with administrative rights.

Remediation

Users are advised to change default passwords to complex ones of at least eight characters that include upper- and lower-case letters, digits, and special characters. Passwords should be changed every 90 days, with a history check against the last five passwords when a password is changed. Additionally, users should review and audit access logs for any unauthorized or suspicious login attempts.
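
The two audit steps above (90-day rotation and login review) can be scripted. The following is an added example, not code from the advisory or from Versa. It assumes the host uses the standard Linux /etc/shadow layout and OpenSSH auth-log format; the function names and all sample data are constructed for illustration.

```python
import re
from collections import Counter
from datetime import date

MAX_AGE_DAYS = 90  # rotation interval stated in the advisory
# Constructed sample data in /etc/shadow and OpenSSH auth-log format.
SHADOW = """\
root:$6$x$hash:20100:0:99999:7:::
admin:$6$y$hash:20250:0:90:7:::
oper:$6$z$hash:20240:0:99999:7:::
svc:!:19000:0:99999:7:::
"""
AUTH_LOG = """\
Jun 18 02:11:07 host sshd[811]: Failed password for admin from 203.0.113.9 port 50122 ssh2
Jun 18 02:11:09 host sshd[811]: Failed password for admin from 203.0.113.9 port 50122 ssh2
Jun 18 02:11:12 host sshd[811]: Accepted password for admin from 203.0.113.9 port 50122 ssh2
Jun 18 09:30:41 host sshd[902]: Accepted publickey for root from 198.51.100.4 port 40110 ssh2
"""
SSH_RE = re.compile(r"sshd\[\d+\]: (Failed|Accepted) (\w+) for (?:invalid user )?(\S+) from (\S+)")

def stale_passwords(shadow_text, today):
    """Return {user: reason} for unlocked accounts that break the 90-day rule."""
    today_days = (today - date(1970, 1, 1)).days
    findings = {}
    for line in shadow_text.splitlines():
        f = line.split(":")
        if len(f) < 5 or f[1].startswith(("!", "*")):
            continue  # malformed line or locked account
        user, last, max_days = f[0], f[2], f[4]
        age = today_days - int(last) if last.isdigit() else None
        if age is None or age > MAX_AGE_DAYS:
            findings[user] = f"password age: {'unknown' if age is None else age} days"
        elif not max_days.isdigit() or int(max_days) > MAX_AGE_DAYS:
            findings[user] = f"max age {max_days or 'unset'} not enforced"
    return findings

def password_logins_after_failures(log_text, threshold=2):
    """Return (user, ip) pairs whose password login followed >= threshold failures."""
    failures, hits = Counter(), []
    for outcome, method, user, ip in SSH_RE.findall(log_text):
        if outcome == "Failed":
            failures[(user, ip)] += 1
        elif method == "password" and failures[(user, ip)] >= threshold:
            hits.append((user, ip))
    return hits

if __name__ == "__main__":
    print(stale_passwords(SHADOW, date(2025, 6, 19)))
    print(password_logins_after_failures(AUTH_LOG))
```

On the sample data this flags root (password older than 90 days), oper (no 90-day maximum enforced), and the admin password login from 203.0.113.9 that followed two failures.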

Added: Jun 19, 2025, 12:18 AM
Updated: Jun 19, 2025, 12:18 AM

Vulnerability Rating

Custom Algorithm
spread: 0.8
impact: 5.0
exploitability: 7.8
remediation: 8.3
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.