If the attacker has local administrator access to the Orion server, they can modify the Accounts table using the Orion Database Manager GUI application. If direct access to the SQL Server database for Orion is possible, a modification to the Accounts table will allow for easy access to the console. An attacker who can man-in-the-middle the SQL Server communication can use this to log in to the Orion web console with an arbitrary password by replacing the password hash when the web server queries the Accounts table during login. An attacker can then monitor network traffic between the Orion server and a separate SQL Server instance, extracting hashed user passwords and encrypted network device credentials. The Orion product is typically managed from the web console, which can use a local account database or an existing Active Directory service.
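The interception cases above depend on the link between the application server and a separate SQL Server instance being readable or modifiable in transit. The following is an added example, not code from the original page or from SolarWinds: a defender-side check that parses an ADO.NET-style SQL Server connection string and reports settings that leave that link unprotected. The host names, database name and credentials are constructed, and a missing `Encrypt` keyword is assumed to mean encryption is off (the older `System.Data.SqlClient` default).

```python
import re

# Values of the SqlClient "Encrypt" keyword that turn transport encryption on.
ENCRYPT_ON = {"true", "yes", "mandatory", "strict"}

# One "keyword=value" pair; the value may be double-quoted, single-quoted or bare.
_PAIR = re.compile(
    r"""\s*([^=;]+?)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^;]*))\s*(?:;|$)"""
)

# Constructed sample inputs (not taken from any real deployment).
SAMPLE_PLAINTEXT = ("Data Source=db01.example.internal;Initial Catalog=ExampleDb;"
                    "User ID=svc_example;Password='p;w'")
SAMPLE_UNVALIDATED = "Server=db01.example.internal;Encrypt=True;Trust Server Certificate=yes"
SAMPLE_HARDENED = "Server=db01.example.internal;Encrypt=true;TrustServerCertificate=false"


def parse_connection_string(conn_str):
    """Return {keyword: value}; keywords are lower-cased with spaces removed."""
    settings = {}
    for m in _PAIR.finditer(conn_str):
        key = m.group(1).lower().replace(" ", "")
        # Exactly one of the three value groups matched.
        value = next(g for g in m.group(2, 3, 4) if g is not None)
        settings[key] = value.strip()
    return settings


def audit_transport(conn_str):
    """List findings that leave the SQL Server link open to interception."""
    s = parse_connection_string(conn_str)
    findings = []
    if s.get("encrypt", "false").lower() not in ENCRYPT_ON:
        # Queries and results, including password hashes, cross the wire in clear.
        findings.append("encrypt-off")
    if s.get("trustservercertificate", "false").lower() in {"true", "yes"}:
        # Encrypted, but any certificate is accepted, so a relay can still sit in the path.
        findings.append("cert-not-validated")
    return findings


if __name__ == "__main__":
    for sample in (SAMPLE_PLAINTEXT, SAMPLE_UNVALIDATED, SAMPLE_HARDENED):
        print(audit_transport(sample) or "ok")
```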