[CVE-2017-16629] SapphireIMS: Login Page Information Disclosure

Posted on

Description

In SapphireIMS 4097_1, it is possible to guess the registered/active usernames of the software from the errors it gives out for each type of user on the login form. For “Incorrect User” - it gives an error “The application failed to identify the user. Please contact administrator for help.” For “Correct User and Incorrect Password” - it gives an error “Authentication failed. Please login again.”

CVSS 3.0 Base Score

5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CWE

CWE-203: Information exposure through discrepancy

Researcher

Tanoy Bose

POC

Limited Disclosure

Vulnerability Tracker

Disclosure timelines

  • 14 Sept, 2017 - Informed vendor; No response
  • 15 Sept, 2017 - Informed CERT/CC
  • 26 Sept, 2017 - First follow up; No response
  • 30 Oct, 2017 - Second follow up; No response
  • 06 Nov, 2017 - Assigned CVE
Tanoy Bose
Namaste.
You can know about me at my portfolio.
I follow my own Vulnerability Disclosure Policy.
Most of my work is listed here.