JEPaaS Access Control Bypass Vulnerability in Filter Handler Component
Vulnerability
A critical access control vulnerability has been identified in JEPaaS version 7.2.8. The issue arises in the Filter Handler component, specifically within the doFilterInternal function, where improper access controls allow unauthorized users to bypass authentication and directly access protected resources. This vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.
Impact
Exploitation gives an unauthenticated user access to resources and functionality that should be restricted, and that access may enable further unauthorized actions within the application.
Reproduction
To reproduce this vulnerability, send a request to the '/error/.%2e;/je/rbac/rbac/queryUser' endpoint. This request will bypass the SessionFilter, which is responsible for login validation, and directly access the user query functionality, demonstrating the access control bypass.
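For defenders reviewing access logs, the following added example (not code from JEPaaS or from the original advisory) flags requests whose raw path starts outside a protected prefix but resolves into it once canonicalized. It assumes the container dispatches on the percent-decoded path with `;` path parameters removed and dot segments resolved; the `/je/` prefix is taken from the endpoint above, and the function names and sample paths are constructed.

```python
import posixpath
from urllib.parse import unquote

# Assumption: protected application routes live under /je/ (taken from the
# endpoint in the Reproduction section; adjust for the real deployment).
PROTECTED_PREFIXES = ("/je/",)

# Constructed sample request paths, as they would appear raw in an access log.
SAMPLE_PATHS = [
    "/je/rbac/rbac/queryUser",              # direct request, seen by the filter as-is
    "/error/.%2e;/je/rbac/rbac/queryUser",  # path from the Reproduction section
    "/static/app.js;v=3",                   # benign use of a path parameter
    "/error/404.html",
]


def canonicalize(raw_path: str) -> str:
    """Approximate the path the application is dispatched on.

    Per segment: drop the ';...' path parameter, then percent-decode.
    Afterwards resolve '.' and '..' segments.
    """
    path = raw_path.split("?", 1)[0]
    segments = [unquote(seg.split(";", 1)[0]) for seg in path.split("/")]
    resolved = posixpath.normpath("/" + "/".join(segments))
    # normpath keeps a leading '//' (POSIX rule); collapse it to one slash.
    return "/" + resolved.lstrip("/")


def is_evasion_candidate(raw_path: str) -> bool:
    """True when the raw path looks unprotected but resolves to a protected route."""
    raw_only = raw_path.split("?", 1)[0]
    canonical = canonicalize(raw_path)
    return (canonical.startswith(PROTECTED_PREFIXES)
            and not raw_only.startswith(PROTECTED_PREFIXES))


def scan(paths):
    """Return (raw, canonical) pairs for every flagged request path."""
    return [(p, canonicalize(p)) for p in paths if is_evasion_candidate(p)]


if __name__ == "__main__":
    for raw, canonical in scan(SAMPLE_PATHS):
        print(f"ALERT raw={raw!r} resolves_to={canonical!r}")
```

The same canonicalize-then-compare step is what a login filter needs to apply before any path-based exemption decision, so that the path it checks is the path that gets served.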
