PT-2023-27877 · Netwrix · Netwrix Usercube
Antoine Carrincazeaux
+1
·
Published
2023-11-28
·
Updated
2024-08-01
·
CVE-2023-41264
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Netwrix Usercube versions prior to 6.0.215
Description
The issue allows authentication bypass on deployment endpoints, leading to privilege escalation in certain misconfigured on-premises installations. This occurs when the configuration omits the required
restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields for the "POST /api/Deployment/ExportConfiguration" and "POST /api/Deployment" endpoints.Recommendations
For versions prior to 6.0.215, update to version 6.0.215 or later to resolve the issue. As a temporary workaround, consider configuring the required
restSettings.AuthorizedClientId and restSettings.AuthorizedSecret fields to prevent authentication bypass. Restrict access to the "POST /api/Deployment/ExportConfiguration" and "POST /api/Deployment" endpoints until the issue is resolved.Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netwrix Usercube