what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

SITS:Vision 9.7.0 Authentication Bypass

SITS:Vision 9.7.0 Authentication Bypass
Posted Mar 25, 2020
Authored by Callum Murphy

An authentication bypass vulnerability is present in the stand-alone SITS:Vision component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This vulnerability allows unauthenticated attackers to gain access to credentials or execute arbitrary SQL queries on the SITS backend as long as they have access to the client executable or can intercept traffic from a user who does. Version 9.7.0 is affected.

tags | advisory, arbitrary, bypass
advisories | CVE-2019-19127
SHA-256 | 72b6b1b2c50fcb2bd1a4f629d69aabd35faef658148a4bbb263c4cfcc2a47d7a

SITS:Vision 9.7.0 Authentication Bypass

Change Mirror Download
----------------------------------------------------------------
SITS:Vision 9.7.0 Authentication Bypass
----------------------------------------------------------------

[-] Software Link:

https://www.tribalgroup.com/software-and-services/student-information-systems/sitsvision


[-] Affected Versions:

Version 9.7.0 and possibly other versions.


[-] Vulnerability Description:

An authentication bypass vulnerability is present in the standalone SITS:Vision component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This vulnerability allows unauthenticated attackers to gain access to credentials or execute arbitrary SQL queries on the SITS backend as long as they have access to the client executable or can intercept traffic from a user who does.


[-] Solution:

According to the vendor, changing a configuration setting to enable the Uniface TLS driver will mitigate the issue.


[-] Disclosure Timeline:

[15/11/2019] - Issue reported to vendor.
[18/11/2019] - Vendor replies that they consider this to be OK as it can be mitigated with a Uniface configuration change.
[20/11/2019] - CVE number assigned.
[23/03/2020] - Publication of this advisory.


[-] CVE Reference:

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2019-19127 to this vulnerability.


[-] Credits:

Vulnerability discovered by Callum Murphy.

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under company number. 05747339, VAT number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 02881024, VAT number GB 197 0632 86. The registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800.

For more details on how Jisc handles your data see our privacy notice here: https://www.jisc.ac.uk/website/privacy-notice


Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close