Shyaka Laniesse Jakick

Jakick / gist:7d1635b886654ddd0e476b3c79a7ba9f
Last active March 6, 2023 09:56
CVE-2023-26261 - WAAP Gateway/Cloud - Authentication bypass via blind XPath injection
In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user.
As a basic security requirement, and to prevent this attack, we strongly recommend that the administration interface (running on port 3001/tcp) be restricted to administrators only (by source IP firewalling or admin VLAN segregation).
The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.
A patch (cpt) is available for versions prior to 6.11 and 6.5.6-patch15.