Did you know that 8 out of 10 French companies are affected by cyber attacks every year? Among them, phishing is the most common attack method, affecting 73% of companies. Security has therefore become a major concern for companies seeking to limit their exposure. Many solutions are now available, and in this article Alexis Kuperfis, an engineer at IBM, presents how Infoteam, an IT company specializing in the design and development of innovative solutions, detected a flaw in a site hosted by one of the largest Swiss hosting providers.
A tool for scanning servers
The IT company offers a service that checks a website's vulnerability simply and quickly through daily scans of its servers. As part of this, it tested this new security SaaS, Security Guardian, on one of its own websites to see how the service evolved over an extended period of time. The site is hosted by one of the largest Swiss hosting providers, so the team did not expect to find any vulnerabilities.
Although no vulnerabilities were detected at first, an email from Security Guardian later flagged a critical one. It was detected on an external server and concerned a MySQL database with a password rated as weak: the report indicated that it was possible to connect to the database remotely as the root account, without a password. The service rated the severity of the flaw as high (9/10).
The consequences of an unexplained vulnerability
Infoteam's team then investigated to understand the problem. After verification and testing, the report proved accurate: it was possible to connect to the database without a password from a conventional SQL client. The consequences are very serious: once connected, it is possible to access all databases, including those of the clients. This creates a high risk to security and of data leakage, according to Alexis Kuperfis.
Infoteam then contacted the hosting provider to have the anomaly resolved as quickly as possible, which the provider did promptly. The lesson was clear: it is essential to verify the IT security of servers, even when their management is delegated to an external host.