| Field | Details |
| --- | --- |
| Presentation | |
| Security vulnerability | Sensitive Data Exposure. |
| Vulnerability Type | Sensitive Data Exposure by Broken Access Control. |
| Affected Component | Affected source code pages. |
| Software | MV's IDCE. |
| Version | 1.0 (discontinued). |
| Business area | Health, Medicine. |
| Describe the bug/issue | Information disclosure in aspx pages of MV's IDCE application v1.0 allows an attacker to request, by appending the page name to the end of the application URL, aspx pages that connect directly to the database, revealing internal and sensitive information about users and patients without being logged into the web application. |
| Have you searched the internet or GitHub for an answer? | Yes. |
| To Reproduce | Without being logged into the IDCE application, open the URL and access `http://your_domain/idce/Medicos.aspx` or `http://your_domain/idce/SegUsuario.aspx`. |
| Result | Internal information is disclosed by the IDCE application, such as names, usernames, birth dates, Brazilian Regional Council of Medicine numbers (CRM), Brazilian individual taxpayer registration numbers (CPF), etc. |
| Expected behavior | Internal information should not be disclosed without proper authentication and authorization. |
| Bug Fix | No bug fix. Discontinued software. |
| CVE ID | CVE-2020-23284 |
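The expected behavior above (no data without authentication and authorization) is what an ASP.NET `web.config` authorization section enforces. The fragment below is an added illustration, not MV's configuration or a fix shipped for IDCE; the page names `Medicos.aspx` and `SegUsuario.aspx` come from the report, while `Login.aspx` and the `Administrators` role are assumed names.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Hardened web.config for an ASP.NET Web Forms application.
     Weak baseline: when no <authorization> element is present, ASP.NET
     inherits <allow users="*" /> from machine.config, so an anonymous GET
     for /idce/Medicos.aspx is served, and its code-behind queries the
     database before any login check runs. -->
<configuration>
  <system.web>
    <!-- Forms authentication: unauthenticated requests for protected pages
         are redirected to loginUrl instead of reaching the page.
         Login.aspx is an assumed page name. -->
    <authentication mode="Forms">
      <forms loginUrl="Login.aspx" requireSSL="true" timeout="20" />
    </authentication>

    <!-- Default-deny for the whole application: "?" means anonymous users.
         Rules are evaluated top-down and the first match wins, so the deny
         must come before the allow. -->
    <authorization>
      <deny users="?" />
      <allow users="*" />
    </authorization>
  </system.web>

  <!-- Re-open only the login page to anonymous users; every other .aspx
       page, including Medicos.aspx, keeps the default-deny above. -->
  <location path="Login.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- Authorization on top of authentication: the user-security page is
       limited to a role (Administrators is an assumed role name). Logged-in
       users outside the role are denied as well. -->
  <location path="SegUsuario.aspx">
    <system.web>
      <authorization>
        <allow roles="Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

Configuration-level rules are the backstop; the code-behind of each data page should still check `User.Identity.IsAuthenticated` and the caller's role before opening a database connection, so a misplaced `web.config` does not silently re-expose the data.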