PT-2020-20606 · Isomorphic · Smartclient

Published 2020-02-23 · Updated 2024-08-04 · CVE-2020-9352

CVSS v3.1: 9.8 (Critical) · Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SmartClient version 12.0

Description: An issue was discovered in the downloadWSDL feature, allowing unauthenticated exploitation of blind XXE. This can occur by sending a POST request to the "/tools/developerConsoleOperations.jsp" endpoint with a valid payload in the transaction parameter. The documentation notes that these tools are available to anyone by default and should only be deployed into a trusted environment, or restricted to administrators or end users by protecting the tools path with normal authentication and authorization mechanisms on the web server.

Recommendations: For SmartClient version 12.0, restrict access to the "/tools/developerConsoleOperations.jsp" endpoint to minimize the risk of exploitation, and consider protecting the tools path with normal authentication and authorization mechanisms on the web server.
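A defender-side check for the exposure described above, added here as an example that is not part of the advisory or of Isomorphic's software: it scans web-server access-log lines (combined log format is assumed; the sample lines are constructed) for requests into the /tools/ tree and counts unauthenticated POSTs to the developerConsoleOperations.jsp endpoint per source address, which is exactly the traffic that should disappear once the tools path sits behind the web server's authentication.

```python
import re
from collections import Counter

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Feb/2020:10:01:02 +0000] "POST /tools/developerConsoleOperations.jsp HTTP/1.1" 200 512 "-" "python-requests/2.22.0"
198.51.100.9 - admin [23/Feb/2020:10:02:15 +0000] "GET /tools/developerConsole.jsp HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
203.0.113.7 - - [23/Feb/2020:10:02:40 +0000] "POST /tools/developerConsoleOperations.jsp HTTP/1.1" 200 512 "-" "python-requests/2.22.0"
192.0.2.55 - - [23/Feb/2020:10:03:01 +0000] "GET /isomorphic/skins/Tahoe/images/logo.png HTTP/1.1" 200 3210 "-" "Mozilla/5.0"
"""

# Minimal combined-log-format parser: client IP, authenticated user, timestamp,
# request line (method + path) and status code are all we need here.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Endpoint named in the advisory; /tools/ is the tree the documentation
# says should be restricted to trusted users.
CONSOLE_ENDPOINT = "/tools/developerConsoleOperations.jsp"
TOOLS_PREFIX = "/tools/"

def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def find_tools_requests(log_text):
    """Return parsed entries that touch the developer tools path, each tagged
    with whether it is a POST to the console endpoint and whether the
    request carried no authenticated user (user field "-")."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if not entry or not entry["path"].startswith(TOOLS_PREFIX):
            continue
        path = entry["path"].split("?", 1)[0]  # ignore any query string
        entry["console_post"] = entry["method"] == "POST" and path == CONSOLE_ENDPOINT
        entry["unauthenticated"] = entry["user"] == "-"
        hits.append(entry)
    return hits

def suspicious_sources(log_text):
    """Count unauthenticated POSTs to the console endpoint per source IP."""
    return Counter(
        e["ip"] for e in find_tools_requests(log_text)
        if e["console_post"] and e["unauthenticated"]
    )
```

Run `suspicious_sources(SAMPLE_LOG)` against your own log to get the per-source counts; any non-empty result after the tools path has been put behind authentication means the restriction is not taking effect.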

Exploit

Fix

XXE

Weakness Enumeration

Related Identifiers: CVE-2020-9352

Affected Products: Smartclient