Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-3349: Multiple Vulnerabilities Ibermatica Rps 2019 | INCIBE-CERT

Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.

CVE
#sql#vulnerability#cisco#auth

Multiple vulnerabilities in Ibermática RPS 2019

Affected Resources

Ibermática RPS 2019

Description

INCIBE has coordinated the publication of 2 vulnerabilities in RPS 2019, an enterprise resouce planning software (ERP), which has been discovered by Francisco Javier Medina Munuera.

These vulnerabilities have been assigned the following codes:

  • CVE-2023-3349:
    • CVSS v3.1 base score: 8,2.
    • CVSS vector string: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
    • Vulnerability type: CWE-200: information exposure.
  • CVE-2023-3350:
    • CVSS v3.1 base score: 8,2.
    • CVSS vector string: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N.
    • Vulnerability type: CWE-310: cryptographic issues.

Solution

There is no identified solution. However, there is a new version of RPS (link in ‘References’).

Detail

  • CVE-2023-3349: information exposure vulnerability that could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.
  • CVE-2023-3350: there is a cryptographic vulnerability that could be exploited by an attacker by downloading the log file, retrieving the SQL query sent to the application in plain text. This log file contains the password hashes encrypted with the AES-CBC-129 bit algorithm, which can be decrypted with a .NET function, obtaining the user’s password in plain text.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907