Last active
March 6, 2023 09:56
-
-
Save Jakick/7d1635b886654ddd0e476b3c79a7ba9f to your computer and use it in GitHub Desktop.
CVE-2023-26261 - WAAP Gateway/Cloud - Authentication bypass via blind XPath injection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. | |
| As a basic security requirement and also to prevent this attack, we strongly recommend that the administration interface (running on port 3001/tcp) is restricted to administrators only (by source IP fire-walling or admin VLAN segregation). | |
| The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15. | |
| A patch (cpt) is available for versions prior to 6.11 and 6.5.6-patch15. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment