Centurion ERP Authentication Token Exposure Vulnerability

Vulnerability

A vulnerability exists in Centurion ERP versions 1.12.0 prior to 1.21.0 that allows any authenticated user to access the details of all authentication tokens in the database, not just their own. The stored token values are hashed, but the exposure still poses a risk because it reveals token details belonging to other users. The vulnerability has been patched in version 1.21.0. Users are advised to remove any authentication tokens created on the affected versions; webmasters can do so by deleting those tokens from the database.

Impact

The vulnerability allows authenticated users to view hashed authentication tokens of other users, potentially leading to unauthorized access if those tokens are exploited.

Reproduction

To reproduce this vulnerability, an authenticated user sends a request to the authentication token endpoint. The response includes the authentication token records in the database, including those belonging to other users, with the token values themselves in hashed form. This can be verified by comparing the returned token details against the rows in the database.

Remediation

Users should upgrade to Centurion ERP version 1.21.0 or later. After upgrading, it is recommended to remove any authentication tokens that were created in the affected versions. Webmasters can ensure this by deleting the tokens from the database.
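The following is an added example, not Centurion ERP's own code, that models the bug described above in a small sqlite3 schema: a token-list handler that never scopes its query by the requesting user returns every user's (hashed) token record, while the fixed handler filters by owner; a last helper performs the remediation step of deleting tokens issued before the upgrade. The table name, column names, and the timestamps are assumptions.

```python
# Added example (not Centurion ERP's code): missing per-user scoping on a
# token-list query, its fix, and the post-upgrade token cleanup.
# Schema, column names and timestamps are constructed for illustration.
import hashlib
import secrets
import sqlite3

def setup_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE auth_token (id INTEGER PRIMARY KEY, user_id INT, "
               "token_hash TEXT, created TEXT)")
    return db

def create_token(db: sqlite3.Connection, user_id: int, created: str) -> str:
    """Issue a token and store only its SHA-256 hash (the DB never holds the raw value)."""
    token = secrets.token_hex(16)
    db.execute("INSERT INTO auth_token (user_id, token_hash, created) VALUES (?, ?, ?)",
               (user_id, hashlib.sha256(token.encode()).hexdigest(), created))
    return token

def list_tokens_vulnerable(db: sqlite3.Connection, requesting_user: int) -> list:
    """Flawed behaviour: ignores who is asking and returns every token record."""
    return db.execute("SELECT id, user_id, token_hash FROM auth_token").fetchall()

def list_tokens_fixed(db: sqlite3.Connection, requesting_user: int) -> list:
    """Object-level authorization: only the requesting user's own records."""
    return db.execute("SELECT id, user_id, token_hash FROM auth_token WHERE user_id = ?",
                      (requesting_user,)).fetchall()

def revoke_tokens_created_before(db: sqlite3.Connection, upgraded_at: str) -> int:
    """Remediation: delete tokens issued while a vulnerable version was running.
    ISO-8601 UTC strings compare correctly as text."""
    cur = db.execute("DELETE FROM auth_token WHERE created < ?", (upgraded_at,))
    db.commit()
    return cur.rowcount

def demo() -> tuple:
    db = setup_db()
    create_token(db, 1, "2025-08-01T00:00:00Z")  # constructed sample data
    create_token(db, 2, "2025-08-02T00:00:00Z")
    create_token(db, 2, "2025-09-01T00:00:00Z")  # issued after the upgrade
    leaked = [row[1] for row in list_tokens_vulnerable(db, requesting_user=1)]
    scoped = [row[1] for row in list_tokens_fixed(db, requesting_user=1)]
    removed = revoke_tokens_created_before(db, "2025-08-30T00:00:00Z")
    return leaked, scoped, removed
```

The owner ids returned by the vulnerable query show user 1 receiving user 2's records; the fixed query returns only user 1's, and the cleanup removes the two pre-upgrade tokens.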

Added: Aug 29, 2025, 10:18 PM
Updated: Aug 29, 2025, 10:18 PM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 2.5
exploitability: 3.1
remediation: 8.3
relevance: 0.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.