Enviar #242026: Software AG Web Methods 10.11.x, 10.15.x Inconsistent Access Controlinformación

TítuloSoftware AG Web Methods 10.11.x, 10.15.x Inconsistent Access Control
DescripciónAn issue in SoftwareAG WebMethods v.10.11.x and v.10.15.x allows a remote attacker to obtain sensitive information via the wm.server/connect/ or /assets/ files. Some times, To access such file like /assets/, a popup may ask you to provide the username and password, just click CANCEL and you'll be redirected to the directory, on the top left cornet you'll find FQDN for the application server in ACTIVE DIRECTORY. If you visited /invoke/wm.server/connect , you'll be able to see all listed data from internal IPs, ports, versions. In some cases, I've noticed that it refuse connection to /assets/ directory for example, but if we entered /assets/x as a false value, then come back to /assets/ we will be able to see folder content, I think it's due to insufficient access control where referrer header maybe trusted. * there's a governmental entities vulnerable to this vulnerability, their internal IPs, Ports, Active Directory FQDN exposed to public due to this bug.
Usuario
 mohammedhashayka (UID 58817)
Sumisión2023-11-22 07:35 (hace 3 años)
Moderación2023-12-07 13:51 (15 days later)
EstadoAceptado
Entrada de VulDB247158 [Software AG WebMethods 10.11.x/10.15.x wm.server/connect/ escalada de privilegios]
Puntos17

Do you know our Splunk app?

Download it now for free!