BAE SOCET GXP Unauthenticated Job Submission Vulnerability
Vulnerability
A vulnerability exists in BAE SOCET GXP versions prior to 4.6.0.2, where the SOCET GXP Job Service does not require authentication before accepting and processing jobs. This flaw can potentially allow remote users to submit jobs, or local users to submit jobs that execute with the permissions of other users, depending on the application's configuration.
Impact
Exploitation of this vulnerability could lead to unauthorized job submissions that are processed with elevated privileges, potentially allowing for misuse of the application's job processing capabilities.
Remediation
Users are advised to update to SOCET GXP version 4.6.0.2 or later, which disables network access for the GXP Job Service by default. For those unable to update immediately, network access can be restricted by removing allowed IPs from the Job Service configuration window and blocking access to the job service ports in the Windows firewall.
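The firewall part of the interim workaround above can be scripted. The following is an added example, not vendor-supplied code: the port list is a placeholder (this page does not give the Job Service port numbers), TCP is assumed as the transport, and the rule name is hypothetical.

```powershell
# Added example, not vendor code. Run in an elevated PowerShell session.
# PLACEHOLDER: this advisory does not list the Job Service ports. Replace 0
# with the port(s) shown in your own Job Service configuration window.
$JobServicePorts = @(0)

if ($JobServicePorts -contains 0) {
    throw 'Set $JobServicePorts to the ports from the Job Service configuration.'
}

# 1. Report listeners on those ports that are bound to a non-loopback
#    address, i.e. reachable from the network (TCP is an assumption).
$loopback = @('127.0.0.1', '::1')
$exposed = Get-NetTCPConnection -State Listen -LocalPort $JobServicePorts `
               -ErrorAction SilentlyContinue |
           Where-Object { $loopback -notcontains $_.LocalAddress }

foreach ($l in $exposed) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    '{0}:{1} is network-reachable (PID {2}, {3})' -f `
        $l.LocalAddress, $l.LocalPort, $l.OwningProcess, $proc.ProcessName
}

# 2. Block inbound TCP to those ports on all firewall profiles.
#    The rule name is hypothetical; the check makes the script re-runnable.
$ruleName = 'Block SOCET GXP Job Service (inbound)'
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Block `
        -Protocol TCP -LocalPort $JobServicePorts -Profile Any | Out-Null
}

# 3. Confirm the rule exists and is enabled.
Get-NetFirewallRule -DisplayName $ruleName |
    Select-Object DisplayName, Enabled, Direction, Action
```

The rule only covers inbound network traffic; removing the allowed IPs in the Job Service configuration window is still needed, as described above.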
