CVE-2023-47312 – Headwind MDM Web panel 5.22.1 – Login Credential Leakage via Audit Entries

Published CVE numbers:

https://www.cve.org/CVERecord?id=CVE-2023-47312
https://nvd.nist.gov/vuln/detail/CVE-2023-47312

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.

The Audit plugin provides a detailed list of the web panel’s operations. When a configuration is updated, the set password is stored in an audit entry and returned without being masked. Due to the missing permission control, the audit plugin may not be accessible to lower-level users.

Exploitation’s steps

Authentication: Required (low-level user access is enough)

Due to the vulnerability of CVE-2023-47316, even low-level users can access the Functions tab and the menu item Audit under this tab.

Users can retrieve all details belonging to the given log entry by clicking the search icon.

Password property contains a plaintext password to the given configuration

Affected API call: /rest/plugins/audit/private/log/search (POST)

CVE-2023-47312 – Headwind MDM Web panel 5.22.1 – Login Credential Leakage via Audit Entries

Exploitation’s steps

Would you like to learn more about our platform?

This website uses cookies to ensure you get the best experience on our website.