Skip to content

DayiliWaseem/CVE-2022-39196-

main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

CVE-2022-39196

Black board CMS Escalation of Privileges

Blackboard Learn version 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly visiting a certain webapps/bbcms/execute/ URL.

Additional Information

Step 1: Use a student credentials privilege. Username: ********** & Password: **********, to login. 
Step 2: After successfully login by "STUDENT" account privilege.
Step 3: Then request "URL / Location of vulnerability".
Step 4: Directly without any privilege requirements you will escalated the session from "Student" to "Contest Management System" privileges.

Vulnerability Type

Sensitive Data Exposure

Vendor of Product

Blackboard Learn LMS

Affected Product Code Base

LMS - 1.10.1
CMSMAIN - 1.10.1

Attack Type

Remote

Impact Escalation of Privileges

true

Impact Information Disclosure

true

Attack Vectors

Impact 1: View systems directories such as courses , institution, library and orgs directories & its contains.
Impact 2: Basic & Advance searching over courses , institution, library and orgs directories.
Impact 3: Searching & view about Blackboard LMS institution users.
Impact 4: Download files.

Reference

https://drive.google.com/drive/folders/1gonDDt0sCkpMdPDu_ZVwZ7EfLC8Z4JVn?usp=sharing

Has vendor confirmed or acknowledged the vulnerability?

true

Discoverer

Waseem Dayili

About

Black board CMS Escalation of Privileges

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published