CVE-2023-47312 – Headwind MDM Web panel 5.22.1 – Login Credential Leakage via Audit Entries

Published CVE numbers:

https://www.cve.org/CVERecord?id=CVE-2023-47312
https://nvd.nist.gov/vuln/detail/CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.

The Audit plugin provides a detailed list of the web panel’s operations. When a configuration is updated, the set password is stored in an audit entry and returned without being masked. Due to the missing permission control, the audit plugin may not be accessible to lower-level users.

Exploitation’s steps

Authentication: Required (low-level user access is enough)

Due to the vulnerability of CVE-2023-47316, even low-level users can access the Functions tab and the menu item Audit under this tab.

Users can retrieve all details belonging to the given log entry by clicking the search icon.

Password property contains a plaintext password to the given configuration

Affected API call: /rest/plugins/audit/private/log/search (POST)

Company

About Us

Events

References

Cybersecurity Certifications

Boltonshield Platform

Penetration Testing

Red Teaming

Vulnerability Assessment

Internal Infrastructure Testing

External Infrastructure Testing

Security Operations Center

Managed Security Services

Incident Response

Governance, Risk, and Compliance

Resources

CVE-2023-47312 – Headwind MDM Web panel 5.22.1 – Login Credential Leakage via Audit Entries

Exploitation’s steps

Would you like to learn more about our platform?

This website uses cookies to ensure you get the best experience on our website.