DriveLock Agent Impersonation Vulnerability in DriveLock Enterprise Service

Vulnerability

A misconfiguration vulnerability has been identified in DriveLock versions 24.1 through 24.1.*, 24.2 through 24.2.*, and 25.1 through 25.1.*. The issue arises from incomplete agent authentication configuration in the DriveLock Operations Center (DOC), allowing attackers to impersonate any DriveLock agent on the network. This impersonation can be exploited against the DriveLock Enterprise Service (DES), where attackers can use the trace file functionality to upload files into arbitrary tenants.

Impact

Exploitation of this vulnerability allows for arbitrary agent impersonation on the network, with the potential to upload files into any tenant via the DriveLock Enterprise Service.

Remediation

To address this vulnerability, ensure that the agent authentication configuration is properly set in the DriveLock Operations Center. Consult the DriveLock documentation for guidance on the correct installation checkboxes. Additionally, consider updating to the latest release of DriveLock for ongoing improvements and security enhancements.

Added: Dec 17, 2025, 10:28 PM
Updated: Dec 17, 2025, 10:28 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 3.1
exploitability: 7.4
remediation: 0.0
relevance: 1.5
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.