Vulns/Kiteworks Vulnerability
> [Suggested description]
> Authentication Bypass vulnerability in Accellion kiteworks before
> 2017.01.00 allows remote attackers to execute certain API calls on
> behalf of a web user using a gathered token via a POST request to
> /oauth/token.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Incorrect Access Control
>
> ------------------------------------------
>
> [Vendor of Product]
> Accellion
>
> ------------------------------------------
>
> [Affected Product Code Base]
> Kiteworks - Affected Version: kw2016.04.12, Fixed Version: v2017.01.00
>
> ------------------------------------------
>
> [Affected Component]
> web user, token, API calls
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Information Disclosure]
> true
>
> ------------------------------------------
>
> [CVE Impact Other]
> Can create user accounts
>
> ------------------------------------------
>
> [Attack Vectors]
> To exploit the vulnerability, someone can gather the token by submitting a POST request to /oauth/token.
>
> ------------------------------------------
>
> [Has vendor confirmed or acknowledged the vulnerability?] true
>
> ------------------------------------------
>
> [Discoverer]
> Jerin Joy