CVE-2022-23342

Name of the Vulnerable Software and Affected Versions Hyland Onbase Application Server versions prior to 20.3.58.1000 Hyland OnBase versions 21.1.1.1000 through 21.1.15.1000

Description The issue allows an attacker to obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the "/mobilebroker/ServiceToBroker.svc/Json/Connect" endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems.

Recommendations For Hyland Onbase Application Server versions prior to 20.3.58.1000, update to version 20.3.58.1000 or later. For Hyland OnBase versions 21.1.1.1000 through 21.1.15.1000, update to a version outside of this range. As a temporary workaround, consider restricting access to the "/mobilebroker/ServiceToBroker.svc/Json/Connect" endpoint until a patch is available.