SITEL CAP/PRX vulnerable to a denial of service attack
Affected product: CAP/PRX firmware version 5.2.01.
INCIBE has coordinated the publication of a vulnerability in the SITEL CAP/PRX device, with the internal code INCIBE-2021-0180. It was discovered by the Industrial Cybersecurity team of S21sec, with special mention to Aarón Flecha Menéndez, and by Luis Martín Liras as an independent researcher.
CVE-2021-32455 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.8 has been calculated; the CVSS vector string is AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H.
The fix for this vulnerability is available as of version 1.2 of the CAP-PRX-NG platform.
The CAP/PRX remote from SITEL is vulnerable to a denial-of-service condition when it receives a large volume of HTTP requests. Because the device does not properly close these connections, the embedded web server stops responding after a period of time.
This vulnerability has been corrected in the affected products through SITEL's continuous improvement processes.
CWE-400: Uncontrolled Resource Consumption.
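As an added illustration of the resource-exhaustion pattern described above (a constructed model, not SITEL's firmware code), the following Python compares a server that never closes accepted HTTP connections with one that bounds concurrent connections and reaps idle ones; connection IDs, timings and limits are assumed values.

```python
"""Model of the CWE-400 condition: an embedded web server that keeps every
accepted HTTP connection open exhausts its connection slots under a burst of
requests. The hardened variant bounds open connections and reaps idle ones.
Constructed illustration only; times are integer milliseconds."""
from dataclasses import dataclass, field


@dataclass
class ConnectionTable:
    max_conns: int          # hard cap on simultaneously open sockets
    idle_timeout: float     # ms of silence before a connection is closed
    open: dict = field(default_factory=dict)  # conn_id -> last activity (ms)
    refused: int = 0

    def accept(self, conn_id, now):
        """Admit a new connection only if a slot is free after reaping idle ones."""
        self.reap_idle(now)
        if len(self.open) >= self.max_conns:
            self.refused += 1
            return False
        self.open[conn_id] = now
        return True

    def close(self, conn_id):
        self.open.pop(conn_id, None)

    def reap_idle(self, now):
        """Close connections silent for longer than idle_timeout; return their ids."""
        stale = [c for c, t in self.open.items() if now - t > self.idle_timeout]
        for c in stale:
            self.close(c)
        return stale


def simulate_burst(n_requests, max_conns, idle_timeout, close_after_response):
    """Serve n_requests arriving one every 10 ms.
    Returns (peak_open, refused, served). close_after_response=False with an
    infinite idle_timeout models the vulnerable firmware: sockets are leaked
    until the table fills and every further request is refused."""
    table = ConnectionTable(max_conns, idle_timeout)
    peak = served = 0
    for i in range(n_requests):
        now = i * 10
        if table.accept(i, now):
            served += 1
            peak = max(peak, len(table.open))
            if close_after_response:
                table.close(i)
    return peak, table.refused, served
```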
TIMELINE:
11/08/2017 – Researchers' disclosure.
02/10/2020 – Researchers contact INCIBE.
08/02/2021 – SITEL confirms the vulnerability to INCIBE and the publication of the corrective version and the new software version (security patch).
13/05/2021 – INCIBE publishes the advisory.
If you have any information regarding this advisory, please contact INCIBE as indicated in the CVE Assignment and publication section.