what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

OpenAsset Digital Asset Management IP Access Control Bypass

OpenAsset Digital Asset Management IP Access Control Bypass
Posted Dec 11, 2020
Authored by Jack Misiura

The OpenAsset Digital Asset Management web application allowed for spoofing of IP addresses by using X-Forwarded-For header. By default, the web application would allow all traffic in for 127.0.0.1, in order to prevent users from accidentally blocking themselves. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).

tags | exploit, web, spoof, bypass
advisories | CVE-2020-28856
SHA-256 | ad00d431157ae8f7dd34f7235a000e058a087a21a50442a4aad8f2801e7fdb27

OpenAsset Digital Asset Management IP Access Control Bypass

Change Mirror Download
Title: IP access control bypass



Product: OpenAsset Digital Asset Management by OpenAsset



Vendor Homepage: https://www.openasset.com/



Vulnerable Version: 12.0.19 (Cloud) 11.2.1 (On-premise)



Fixed Version: 12.0.20 (Cloud) 11.4.10 (On-premise)



CVE Number: CVE-2020-28856



Author: Jack Misiura from The Missing Link



Website: https://www.themissinglink.com.au



Timeline:



2020-11-14 Disclosed to Vendor

2020-12-04 Vendor releases final patches

2020-12-10 Publication



1. Vulnerability Description



The OpenAsset Digital Asset Management web application allowed for spoofing of IP addresses by using X-Forwarded-For header. By default, the web application would allow all traffic in for 127.0.0.1, in order to prevent users from accidentally blocking themselves.



2. PoC



Ensure a web application endpoint has been blocked for a specific IP address or alternatively, use a * to block all IP address. Confirm the block is in place by attempting to make a request to the endpoint. Next, add the following to the request header:



X-Forwarded-For: 127.0.0.1



The request will not be blocked, allowing access to potentially dangerous endpoints or sensitive data.



3. Solution



The vendor provides an updated version (11.4.10) which should be installed immediately. If using the cloud version, the vendor has already updated it.



4. Advisory URL



https://www.themissinglink.com.au/security-advisories
Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    12 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close