
Jalios JCMS 10 Backdoor Account / Authentication Bypass Vulnerabilities

25 Nov 2019 | Reported by Ricardo Jose Ruiz Fernandez | Type: zdt | Source: 0day.today

Jalios JCMS 10 backdoor account and authentication bypass vulnerabilit



I. VULNERABILITY
-------------------------
Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account that accepts any username together with a specific password.


II. CVE REFERENCE
-------------------------
CVE-2019-19033


III. VENDOR
-------------------------
Jalios (https://www.jalios.com/jcms/j_6/en/home)


IV. TIMELINE
-------------------------
08/11/19 - Vulnerability discovered
09/11/19 - Vendor contacted
14/11/19 - Vendor fixes the vulnerability


V. DESCRIPTION
-------------------------
The "webdav" folder uses HTTP authentication, which can be bypassed using the backdoor account. This allows an attacker to access the website as the administrator and then create more administrator users, change the password of any user, delete users, create groups, and download the list of all users (with email addresses, phone numbers, full names ...). It is also possible to upload or overwrite any file on the WebDAV server. The "webdav" folder is located by default in the root of the website. The issue is caused by a vulnerable version of the "DevTools" plugin, which is installed by default.
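
Because the backdoor accepts any username, successful WebDAV logins under names that match no real account are a useful detection signal. The following is an added example, not part of the original advisory or of Jalios code: a log review that assumes a Common/Combined Log Format access log that records the authenticated user, the default "/webdav" location described above, and a caller-supplied set of legitimate account names; the function name and the sample lines are constructed.

```python
import re
from collections import defaultdict

# Common/Combined Log Format: host ident authuser [time] "METHOD path proto" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
WRITE_METHODS = {"PUT", "DELETE", "MKCOL", "MOVE", "COPY", "PROPPATCH"}

def review_webdav_access(lines, known_users, prefix="/webdav"):
    """Return sorted (ip, kind, detail) findings for successful authenticated WebDAV requests."""
    findings = set()
    users_per_ip = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = m["path"]
        if not (path == prefix or path.startswith(prefix + "/")):
            continue
        user, status = m["user"], int(m["status"])
        if user == "-" or not 200 <= status < 300:
            continue  # unauthenticated or rejected request
        users_per_ip[m["ip"]].add(user)
        if user not in known_users:
            # Any username is accepted, so a login matching no real account stands out.
            findings.add((m["ip"], "unknown-user", user))
        if m["method"] in WRITE_METHODS:
            # Uploads and overwrites are listed for review regardless of the user.
            findings.add((m["ip"], "write", f'{m["method"]} {path}'))
    for ip, users in users_per_ip.items():
        if len(users) > 1:  # one client authenticating under several names
            findings.add((ip, "multiple-users", ",".join(sorted(users))))
    return sorted(findings)

# Constructed sample log lines (documentation IP ranges, not from a real system).
SAMPLE_LOG = [
    '198.51.100.7 - admin [25/Nov/2019:10:00:01 +0000] "PROPFIND /webdav/ HTTP/1.1" 207 512',
    '203.0.113.9 - nosuchuser [25/Nov/2019:10:02:11 +0000] "PROPFIND /webdav/ HTTP/1.1" 207 512',
    '203.0.113.9 - other [25/Nov/2019:10:02:40 +0000] "PUT /webdav/docs/report.txt HTTP/1.1" 201 0',
    '203.0.113.9 - - [25/Nov/2019:10:03:00 +0000] "GET /webdav/ HTTP/1.1" 401 0',
    '198.51.100.7 - admin [25/Nov/2019:10:05:00 +0000] "GET /jcms/home HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for finding in review_webdav_access(SAMPLE_LOG, known_users={"admin"}):
        print(finding)
```

If the application performs the HTTP authentication itself and the front-end server does not log the user name, the "unknown-user" and "multiple-users" checks have nothing to work with and only the write-method review applies.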


VI. IMPACT
-------------------------
CVSS 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)


VII. SOLUTION
-------------------------
Possible solutions:
- Disable the DevToolsAuthenticationHandler.
- Disable or uninstall the DevTools plugin.
- Upgrade the DevTools plugin to version 7.1 or 8.1.


VIII. REFERENCES
-------------------------
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19033


IX. CREDIT
-------------------------
Ricardo José Ruiz Fernández (@ricardojoserf)

#  0day.today [2019-12-04]  #
