# Exploit Title: LDAP Injection in Pegasystem
# Date: 16/09/2019
# Vendor Homepage: https://www.pega.com/
# Version: 8.2 or less
# Tested on: linux
# CVE : CVE-2019-16374
Description: Pega Platform 8.2.1 or less allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access
[Additional Information]:
The application allows an asterisk in the username parameter where the application is integrated with LDAP. The XSS filter used to sanitize user input in the login function fails to filter out the asterisk '*' value, which allows this vulnerability to be exploited and leads to a password spraying attack.
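
The missing control described above, RFC 4515 escaping plus a length bound on the username before it reaches the LDAP search filter, as an added example that is not code from this advisory or from Pega. The `uid` attribute, the function names, the 64-character limit and the sample directory are assumptions made for illustration; the small matcher only models how an unescaped `*` behaves in an equality filter.

```python
import re

# RFC 4515: these characters must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape a user-supplied string for use as an LDAP filter assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build_filter_unsafe(username):
    # Pattern the advisory describes: the input reaches the filter with '*' intact.
    return f"(uid={username})"

def build_filter_safe(username, max_len=64):
    # Bound the length (the advisory notes it was unlimited), then escape.
    if not username or len(username) > max_len:
        raise ValueError("username length out of bounds")
    return f"(uid={escape_filter_value(username)})"

def _unescape(part):
    # Turn \XX sequences back into the literal character they stand for.
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), part)

def match_uids(ldap_filter, uids):
    """Minimal evaluator for (uid=<value>) filters: a raw '*' is a wildcard."""
    value = re.fullmatch(r"\(uid=(.*)\)", ldap_filter, re.S).group(1)
    # Split on raw '*' only; an escaped asterisk is \2a and stays literal.
    parts = [re.escape(_unescape(p)) for p in value.split("*")]
    pattern = re.compile(".*".join(parts), re.I | re.S)
    return [u for u in uids if pattern.fullmatch(u)]

# Constructed sample directory (not from the advisory).
DIRECTORY = ["admin", "administrator", "adminsvc", "alice"]

if __name__ == "__main__":
    for name in ("admin", "admi*"):
        print(name, "unsafe ->", match_uids(build_filter_unsafe(name), DIRECTORY))
        print(name, "safe   ->", match_uids(build_filter_safe(name), DIRECTORY))
```

A login path that binds only when the search returns exactly one entry, and that rejects usernames containing filter metacharacters outright, removes the remaining ambiguity.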