PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-5230 Rapid7 CVE debrief

CVE-2017-5230 affects Rapid7 Nexpose versions prior to 6.4.50. The issue is that the Java keystore used to store saved scan credentials is protected by a static password that users cannot change, weakening the security of credentials intended to be stored on disk. Rapid7’s release notes point to 6.4.50 as the fixed version, and the NVD entry classifies the weakness as CWE-798 (Use of Hard-coded Credentials).

Vendor
Rapid7
Product
Nexpose
CVSS
HIGH 7.2
CISA KEV
Not listed in stored evidence
Original CVE published
2017-03-02
Original CVE updated
2026-05-13
Advisory published
2017-03-02
Advisory updated
2026-05-13

Who should care

Rapid7 Nexpose administrators, security operations teams, and incident responders responsible for systems that store or use saved scan credentials.

Technical summary

The vulnerable component is the Java keystore used by Nexpose to hold saved scan credentials. Because the keystore is protected with a static password that administrators cannot change, anyone who obtains a copy of the keystore file (from the host, a backup, or a file-system snapshot) and knows that password can recover every saved scan credential; the keystore encryption therefore adds no confidentiality beyond whatever file-system access control already surrounds it. The supplied corpus marks the issue as HIGH severity (CVSS 7.2) and identifies CWE-798. Vendor release notes indicate remediation in Nexpose 6.4.50.

Defensive priority

High — upgrade promptly if you run Nexpose versions prior to 6.4.50, then assess whether any stored scan credentials should be rotated.

Recommended defensive actions

  • Upgrade Rapid7 Nexpose to 6.4.50 or later.
  • Review and rotate any saved scan credentials that may have been stored in the affected keystore.
  • Restrict access to Nexpose application data, backups, and file-system copies that may contain the keystore.
  • Verify whether any endpoints or services reachable with saved scan credentials need credential resets after remediation.
  • Confirm your deployed Nexpose version against the vendor release notes and the affected-version information in NVD.
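The following is an added example, not code from PatchSiren or Rapid7, showing how the version check in the last action above can be scripted across an inventory. It compares each deployed Nexpose version against the vendor fix threshold (6.4.50) and, separately, against the NVD CPE upper bound (6.4.23) so that hosts falling in the gap between the two sources are flagged rather than silently treated as patched. The inventory lines are constructed sample data; the version strings and host names are assumptions.

```python
"""Assess Nexpose versions against CVE-2017-5230 (static keystore password).

Added example: compares a deployed version with the Rapid7 fix release and with
the NVD CPE range from the debrief, and reports where the two sources disagree.
"""
import re
from typing import Dict, List, Tuple

VENDOR_FIX_VERSION = "6.4.50"   # Rapid7 release notes: first fixed version
NVD_CPE_MAX_VERSION = "6.4.23"  # NVD CPE metadata: affected "up to" this version

# Constructed sample inventory (hypothetical hosts and versions, not real data).
SAMPLE_INVENTORY = """\
nexpose-prod-01 6.4.23
nexpose-prod-02 6.4.30
nexpose-lab-01 6.4.50
nexpose-lab-02 6.5.12
"""


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse a 'major.minor.patch' string into a comparable tuple.

    Trailing suffixes after the third component (e.g. build tags) are ignored.
    """
    match = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(part) for part in match.groups())
    return (major, minor, patch)


def assess(deployed: str) -> Dict[str, object]:
    """Classify one deployed version against both the vendor and NVD references."""
    version = parse_version(deployed)
    vulnerable_per_vendor = version < parse_version(VENDOR_FIX_VERSION)
    in_nvd_cpe_range = version <= parse_version(NVD_CPE_MAX_VERSION)
    if vulnerable_per_vendor:
        action = "upgrade to 6.4.50 or later, then rotate saved scan credentials"
    else:
        action = "no upgrade required for CVE-2017-5230"
    return {
        "deployed": deployed,
        "vulnerable_per_vendor": vulnerable_per_vendor,
        "in_nvd_cpe_range": in_nvd_cpe_range,
        # False when a host is vulnerable per Rapid7 but outside the NVD CPE range
        # (or vice versa); such hosts deserve a manual look rather than trust in
        # whichever feed a scanner happens to consume.
        "sources_agree": vulnerable_per_vendor == in_nvd_cpe_range,
        "action": action,
    }


def assess_inventory(inventory: str) -> List[Dict[str, object]]:
    """Run assess() over 'hostname version' lines, skipping blanks and comments."""
    results = []
    for line in inventory.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, version = line.split(None, 1)
        result = assess(version)
        result["host"] = host
        results.append(result)
    return results


if __name__ == "__main__":
    for row in assess_inventory(SAMPLE_INVENTORY):
        flag = "VULNERABLE" if row["vulnerable_per_vendor"] else "fixed"
        note = "" if row["sources_agree"] else "  (vendor/NVD ranges disagree)"
        print(f"{row['host']:<18}{row['deployed']:<10}{flag:<12}{row['action']}{note}")
```

Hosts such as the 6.4.30 entry in the sample inventory are the ones this check exists for: they sit above the NVD CPE bound yet below the vendor fix, so a tool keyed only on the NVD range would report them as unaffected.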

Evidence notes

The supplied sources consistently describe a static, user-unmodifiable password protecting the Java keystore that stores saved scan credentials. NVD assigns CWE-798 and a CVSS 3.0 vector of CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. Rapid7’s advisory and Nexpose 6.4.50 release notes are the relevant vendor references for mitigation. The corpus also contains a version-range mismatch: the NVD CPE metadata lists affected versions through 6.4.23, while the vendor materials identify 6.4.50 as the fix; this debrief follows the vendor fix reference and notes the inconsistency.

Official resources

Publicly disclosed on 2017-03-02. The supplied corpus also includes a Rapid7 vendor advisory reference dated 2017-03-01.