Mangati NovoSGA Weak Password Policy Vulnerability in User Creation Page

Vulnerability

A weak password policy vulnerability has been identified in Mangati NovoSGA versions up to and including 2.2.12. The issue lies in the user creation component, at '/novosga.users/new'. Manipulating the 'Senha/Confirmação da senha' (password / password confirmation) fields causes the application to accept weak passwords. The vulnerability can be exploited remotely; exploitation is rated as complex, although a public exploit is available.

Impact

Exploiting this vulnerability allows users to create accounts with weak passwords, such as '123456', increasing the risk of brute-force and credential stuffing attacks. This could lead to unauthorized access to user or administrative accounts, privilege escalation through compromised accounts, and a reduced overall security posture for the application.

Reproduction

To reproduce this vulnerability, log into the application with an administrator account and navigate to the user registration page. Create a new user account with '123456' as the password. The application accepts this weak password and creates the account without complaint.

Remediation

It is recommended to enforce a strong password policy that includes a minimum length requirement and requires uppercase letters, lowercase letters, digits, and special characters. Additionally, reject commonly used weak passwords against a deny list, encourage or require multi-factor authentication, and implement rate limiting or account lockout to deter brute-force attacks.
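As an added illustration of the remediation above (example code, not NovoSGA's own), the following Python shows a server-side check that a user creation handler could run on the password and confirmation fields before accepting an account. The deny list, the 12-character minimum and the function names are assumptions for the example.

```python
import re

# Constructed, deliberately short deny list of commonly used weak passwords.
# A real deployment would load a much larger list (e.g. from a breach corpus);
# this is an assumption for the example, not NovoSGA's own list.
COMMON_WEAK_PASSWORDS = {
    "123456", "12345678", "123456789", "password", "qwerty", "abc123",
    "senha", "senha123", "admin", "letmein",
}

# Minimum length is an assumed policy value for the example.
MIN_LENGTH = 12


def password_policy_violations(password: str) -> list[str]:
    """Return the policy rules the password fails; an empty list means it passes."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append(f"shorter than {MIN_LENGTH} characters")
    if not re.search(r"[A-Z]", password):
        violations.append("no uppercase letter")
    if not re.search(r"[a-z]", password):
        violations.append("no lowercase letter")
    if not re.search(r"[0-9]", password):
        violations.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        violations.append("no special character")
    # Compare case-insensitively so 'Password' is caught as well as 'password'.
    if password.lower() in COMMON_WEAK_PASSWORDS:
        violations.append("appears on the common-password deny list")
    return violations


def validate_new_user(password: str, confirmation: str) -> tuple[bool, list[str]]:
    """Server-side check for the user creation form.

    The confirmation must match and the password must satisfy every policy
    rule; the caller should refuse to create the account unless the first
    element is True.
    """
    if password != confirmation:
        return False, ["password and confirmation do not match"]
    problems = password_policy_violations(password)
    return len(problems) == 0, problems
```

With this check in place, submitting '123456' as in the reproduction steps is rejected on five separate rules rather than accepted.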

Added: Oct 6, 2025, 6:21 AM
Updated: Oct 6, 2025, 6:21 AM

Vulnerability Rating

Custom Algorithm

spread:         0.0
impact:         5.0
exploitability: 8.7
remediation:    0.0
relevance:      0.7
threat:         6.4
urgency:        2.9
incentive:      5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.