NCR Terminal Handler
cpe:2.3:a:ncr:terminal_handler:*:*:*:*:*:*:*
- 1.5.1
A broken access control vulnerability has been identified in NCR Terminal Handler version 1.5.1. It allows an authenticated attacker with low privileges to query the SOAP API endpoint and retrieve sensitive information about all application users. The leaked data includes usernames, roles, security groups, and account statuses, which compromises user privacy and may open avenues for further attacks.
Exploitation of this vulnerability leads to unauthorized information disclosure, allowing attackers to access sensitive user data such as usernames, roles, security groups, and account statuses.
The vulnerability can be reproduced by sending a request to the WSDL endpoint of the SOAP API. This request can be made using a tool that allows for SOAP API interaction, such as Postman or a custom script. Once the request is sent, the response will include a count of all application users, along with their usernames, roles, security groups, and account statuses.