2022: Security Advisory: MOM Tech Support Vulnerability

Summary

uniFLOW and RPS security vulnerability in MOM Tech Support Interface (techsupport.asp).

Advisory release date

28-Dec-2022

Product

  • uniFLOW server

  • uniFLOW Remote Print Server (RPS)

Summary of Vulnerability

This advisory discloses a high-severity potential data exposure in all versions of uniFLOW. The versions affected are listed in a table below.

The potential data exposure is possible by unauthorized users on the network accessing technical logs via the Technical Support Web Interface (techsupport.asp). Logs presented by this interface are limited to the last 1000 events but may contain card numbers, windows logon names, job names, etc.

Severity

NT-ware rates the severity level of this vulnerability as high due to the data type, but the overall likelihood is low. Please review this security advisory and discuss the steps outlined with your Security or IT Team.

Affected Versions

All versions of uniFLOW are affected by this vulnerability.

 

Product

Affected versions

uniFLOW and Remote Print Server (RPS)

  • uniFLOW V5.4 and older

  • uniFLOW 2018 LTS SR12 and older

  • uniFLOW 2019 LTS SR10 and older

  • uniFLOW 2020 LTS SR10 and older

  • uniFLOW 2021 LTS SR9 and older

  • uniFLOW 2022 LTS SR4 and older

 

 

Fixed Versions

Product

Fix versions

uniFLOW and Remote Print Server (RPS)

  • uniFLOW 2018 LTS SR13 or higher

  • uniFLOW 2019 LTS SR11 or higher

  • uniFLOW 2020 LTS SR11 or higher

  • uniFLOW 2021 LTS SR10 or higher

  • uniFLOW 2022 LTS SR5 or higher

Note: uniFLOW V5.4 and older are out of support already. We will not release a service release for those versions. However, the workaround described below under “Manually Patch Your System(s)” will also work and should be applied in case you can not upgrade your system.

What You Need to Do

NT-ware highly recommends that you update each of your affected installations to one of the listed fixed versions (or any later version) above (see the “Fixed Versions” section of this page for details).
In case you are unable to perform an update or upgrade, we strongly advise you to apply the workaround described under “Manually Patch Your System(s)”.

If you do not update/upgrade an older version to a fixed version or put the workaround in place, be aware that you are doing this at your own risk.

Mitigation

To remediate this vulnerability, update each affected product installation to a fixed version listed above.

If upgrading your installations is not possible for any reason, apply the workaround described under “Manually patch your system(s)”.

Manually Patch Your System(s)

uniFLOW server

Remove the techsupport.asp file as described in the following. Note that this results in not having access anymore to the Tech Support Interface. Please note that on updated systems, the page will be available again but only from localhost.

Update 16/1/2023: It is also recommended that the Workflow Support page is handled in the same way.

  • On the uniFLOW server, go to:
    C:\Program Files (x86)\uniFLOW\WebServer\

This is the default path. It might differ on your system if you had changed the path during the original installation of uniFLOW.

  • Delete the file: techsupport.asp.

  • Delete the file: workflowsupport.asp

Remote Print Server

  • On the uniFLOW RPS, create a Windows registry key that will prevent access to the techsupport.asp file. Afterward, it redirects to an error page instead.

 

uniFLOW system

RPS

System key 64-bit

HKLM\SOFTWARE\WOW6432Node\NT-

ware\MOM\MomAps\TcpServer\HttpHandler

Value

/techsupport.asp

Date type

REG_SZ

Value data

/404.htm

Shortcut

HKLM\SOFTWARE\WOW6432Node\NT-ware\MOM\MomAps\TcpServer\HttpHandler \/techsupport.asp (REG_SZ)

  • Once the registry key is created, restart the RPS service.

Support

If you have further questions, please contact your Canon / Canon Business Partner representative.