My-Site Access Control Vulnerability in Authorization Filter Allowing Unauthenticated Access to Sensitive Components
Vulnerability
A vulnerability has been identified in My-Site version 1.0.2.RELEASE, where incorrect access control in the AuthorizationFilter's doFilter function allows attackers to access sensitive components without authentication. The issue arises because the filter improperly validates request URLs, enabling bypass of authentication checks.
Impact
Exploitation of this vulnerability allows unauthorized access to sensitive administrative APIs, potentially exposing confidential user information.
Reproduction
To reproduce this vulnerability, send a request to the '/admin/user/list.do' endpoint without authentication. The server will respond with a redirect to the login page. However, if the request URL is modified to include a semicolon before the query parameters, the authentication check can be bypassed, granting access to user information.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.