Overview
EasyVista contains an authentication bypass vulnerability in the EasyVista single sign-on feature.
Description
EasyVista contains an authentication bypass vulnerability in the EasyVista single sign-on feature, which does not use encoded values. If an attacker can obtain the login name of any user with access to the application, the attacker may be able to bypass authentication using a specially crafted URL. An example URL is below:
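The vulnerability class described above, as an added illustration that is not EasyVista's code and not part of the original note: a hypothetical single sign-on endpoint that trusts a plain login name carried in the URL, shown beside a hardened form that only accepts an HMAC-signed, expiring token issued by the identity provider. The user directory, the secret and the URLs are constructed for the example.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed account store standing in for the application's user table.
USERS = {"admin": {"role": "administrator"}, "jdoe": {"role": "user"}}

# Constructed shared secret between identity provider and application.
SECRET = b"example-sso-shared-secret-not-for-production"


def vulnerable_sso_login(url: str):
    """Vulnerable pattern: the SSO endpoint authenticates whoever is named in
    the 'login' query parameter. Knowing a login name is enough to be
    treated as that user. (Hypothetical; illustrates the advisory's class.)"""
    params = parse_qs(urlparse(url).query)
    login = params.get("login", [None])[0]
    return login if login in USERS else None


def make_sso_token(secret: bytes, login: str, expires_at: int) -> str:
    """Issued by the identity provider after it has authenticated the user:
    login name, expiry (unix seconds) and an HMAC-SHA256 over both."""
    msg = f"{login}|{expires_at}".encode()
    mac = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return f"{login}|{expires_at}|{mac}"


def sso_url(token: str) -> str:
    """Build the application's SSO URL carrying a properly encoded token."""
    return "https://app.example/sso?" + urlencode({"token": token})


def hardened_sso_login(url: str, secret: bytes, now: int):
    """Hardened form: accept only a token whose HMAC verifies under the shared
    secret and whose expiry has not passed. A bare login name, a tampered
    token or an expired token all fail closed."""
    params = parse_qs(urlparse(url).query)
    token = params.get("token", [None])[0]
    if token is None:
        return None
    parts = token.split("|")
    if len(parts) != 3:
        return None
    login, exp_str, mac = parts
    try:
        expires_at = int(exp_str)
    except ValueError:
        return None
    expected = hmac.new(secret, f"{login}|{expires_at}".encode(),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison so the MAC cannot be guessed byte by byte.
    if not hmac.compare_digest(mac, expected):
        return None
    if now >= expires_at:
        return None
    return login if login in USERS else None


if __name__ == "__main__":
    # Vulnerable endpoint: a URL naming the administrator logs in as admin.
    print(vulnerable_sso_login("https://app.example/sso?login=admin"))
    # Hardened endpoint: the same trick yields no session.
    print(hardened_sso_login("https://app.example/sso?login=admin", SECRET, 1000))
    # Hardened endpoint with a valid, unexpired token issued by the IdP.
    print(hardened_sso_login(sso_url(make_sso_token(SECRET, "admin", 2000)), SECRET, 1000))
```

The point of the hardened form is that the URL no longer carries anything an outsider can construct from public information: the login name is bound to an expiry and a keyed MAC, so possession of a login name alone gives no access, and a captured token stops working once it expires.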
Impact
If an attacker can obtain the login name of an application administrator, they may be able to perform any function an administrator can. The application contains an inventory database with sensitive information that would help an attacker expand their attack to the rest of the network.
Solution
Apply an Update
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | 5.3 | AV:N/AC:--/Au:S/C:C/I:C/A:C |
Temporal | 4.6 | E:H/RL:OF/RC:C |
Environmental | 1.2 | CDP:ND/TD:L/CR:ND/IR:ND/AR:ND |
References
Acknowledgements
Thanks to ar1vr for reporting this vulnerability.
This document was written by Jared Allar.
Other Information
Field | Value |
---|---|
CVE IDs | None |
Severity Metric | 17.55 |
Date Public | 2012-02-21 |
Date First Published | 2012-02-21 |
Date Last Updated | 2012-07-23 20:48 UTC |
Document Revision | 24 |