Semantic Machines Veda Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in Semantic Machines Veda version 5.4.8, and likely all prior versions. The issue arises because the software fails to properly validate the 'ticket' parameter in HTTP requests, allowing attackers to send crafted requests to various API endpoints and bypass authentication. This vulnerability was discovered during a security review of the code, where it was found that an empty 'ticket' value was accepted as valid.

Impact

Exploiting this vulnerability allows for authentication bypass, enabling unauthorized access to the application.

Reproduction

To reproduce this vulnerability, send an HTTP request to one of the affected API endpoints, such as '/get_individual' or '/get_membership', including an empty 'ticket' parameter. The request will bypass authentication and return data associated with the specified user role, such as 'Administrator' or 'SuperUser'.
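For defenders, the request pattern described above can be searched for in web server access logs. The following is an added example, not code from the advisory or from the Veda project; it assumes common/combined log format and that 'ticket' appears in the query string, and the sample log lines, IP addresses, placeholder parameter and ticket value are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoints named in the advisory; it says "various API endpoints", so extend as needed.
WATCHED_PATHS = {"/get_individual", "/get_membership"}

# Assumption: common/combined log format, i.e. "METHOD target HTTP/x.y" followed by status.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Constructed sample log lines (documentation IP ranges, placeholder values).
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Jan/2026:18:40:01 +0000] "GET /get_individual?ticket=&placeholder=1 HTTP/1.1" 200 512',
    '192.0.2.11 - - [13/Jan/2026:18:40:05 +0000] "GET /get_membership?ticket=CONSTRUCTED-TICKET&placeholder=1 HTTP/1.1" 200 734',
    '198.51.100.7 - - [13/Jan/2026:18:41:12 +0000] "GET /get_membership?placeholder=1&ticket= HTTP/1.1" 200 640',
    '198.51.100.7 - - [13/Jan/2026:18:41:13 +0000] "GET /static/app.js?ticket= HTTP/1.1" 200 100',
    '192.0.2.10 - - [13/Jan/2026:18:42:00 +0000] "GET /get_individual?placeholder=1 HTTP/1.1" 403 0',
]


def empty_ticket_hits(lines):
    """Return (line_no, path, status) for requests to watched endpoints whose
    'ticket' query parameter is present but empty."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a parseable request line
        url = urlsplit(m.group("target"))
        if url.path not in WATCHED_PATHS:
            continue
        # keep_blank_values=True is required, otherwise 'ticket=' is silently dropped.
        tickets = parse_qs(url.query, keep_blank_values=True).get("ticket")
        if tickets is None:
            continue  # parameter absent: not the case the advisory describes
        if any(t == "" for t in tickets):
            hits.append((line_no, url.path, int(m.group("status"))))
    return hits


if __name__ == "__main__":
    for line_no, path, status in empty_ticket_hits(SAMPLE_LOG):
        print(f"line {line_no}: empty ticket on {path} (HTTP {status})")
```

A hit with a 2xx status is the case to investigate first, since it indicates the request was served. Parameters sent in a request body do not appear in access logs, so this check covers query-string requests only.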

Added: Jan 13, 2026, 6:44 PM
Updated: Jan 13, 2026, 6:44 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 8.7
remediation: 0.0
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.