Multiple vulnerabilities in Ibermática RPS 2019
Posted date 29/06/2023
Identificador
INCIBE-2023-0244
Importance
4 - High
Affected Resources
Ibermática RPS 2019
Description
INCIBE has coordinated the publication of 2 vulnerabilities in RPS 2019, an enterprise resouce planning software (ERP), which has been discovered by Francisco Javier Medina Munuera.
These vulnerabilities have been assigned the following codes:
- CVE-2023-3349:
- CVSS v3.1 base score: 8,2.
- CVSS vector string: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
- Vulnerability type: CWE-200: information exposure.
- CVE-2023-3350:
- CVSS v3.1 base score: 8,2.
- CVSS vector string: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
- Vulnerability type: CWE-310: cryptographic issues.
Solution
There is no identified solution. However, there is a new version of RPS (link in 'References').
Detail
- CVE-2023-3349: information exposure vulnerability that could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.
- CVE-2023-3350: there is a cryptographic vulnerability that could be exploited by an attacker by downloading the log file, retrieving the SQL query sent to the application in plain text. This log file contains the password hashes encrypted with the AES-CBC-129 bit algorithm, which can be decrypted with a .NET function, obtaining the user's password in plain text.
References list
Etiquetas