CVE-2023-41264

Name of the Vulnerable Software and Affected Versions Netwrix Usercube versions prior to 6.0.215

Description The issue allows authentication bypass on deployment endpoints, leading to privilege escalation in certain misconfigured on-premises installations. This occurs when the configuration omits the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields for the "POST /api/Deployment/ExportConfiguration" and "POST /api/Deployment" endpoints.

Recommendations For versions prior to 6.0.215, update to version 6.0.215 or later to resolve the issue. As a temporary workaround, consider configuring the required restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields to prevent authentication bypass. Restrict access to the "POST /api/Deployment/ExportConfiguration" and "POST /api/Deployment" endpoints until the issue is resolved.