10 matches found
EUVD-2020-18248
Malware in sbrugna...
CVE-2020-25565
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server...
CVE-2020-25566
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the SavePassword form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any user’s password by changing the username to that user and password to base64desired password...
CVE-2020-25566
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the SavePassword form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any user’s password by changing the username to that user and password to base64desired password...
CVE-2020-25560
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. W...
Default credentials
In SapphireIMS 5.0, it is possible to take over an account by sending a request to the SavePassword form as shown in POC. Notice that we do not require a JSESSIONID in this request and can reset any user’s password by changing the username to that user and password to base64desired password...
Hardcoded credentials
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. W...
CVE-2020-25563
SapphireIMS 5.0 is affected by an authentication-bypass vulnerability in the RemoteMgmtTaskSave (Automation Tasks) path that allows an unauthenticated user to create a local administrator on any client by accessing RemoteMgmtTaskSave without a JSESSIONID. Root cause: direct access to an automatio...
CVE-2020-25560
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients username: sapphire, password: ims and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on “ping”, “traceroute” and “snmp” functions and execute code on the server. W...
SapphireIMS 访问控制错误漏洞
Tecknodreams SapphireIMS is an ITIL 2011 certified Enterprise Service Management System from Tecknodreams India. A security vulnerability exists in SapphireIMS 5.0, which stems from the software's Save Password form not filtering requests enough to allow an attacker to send a request to take over...