Open ISES Tickets Hardcoded MySQL Credentials Vulnerability

Vulnerability

A vulnerability exists in Open ISES Tickets versions prior to 3.44.2, where hardcoded MySQL database credentials are exposed in loader.php, a public-facing database utility. These credentials, including the username, password, and database name, are committed to the source repository. Any actor with access to the public source tree or an unauthenticated attacker with read access to the file on a deployed installation can retrieve this information and use it to connect to the database if it is reachable from their network.

Impact

Exploitation of this vulnerability allows for unauthorized access to the database using the exposed credentials, potentially leading to data manipulation or extraction.

Reproduction

The vulnerability can be reproduced by accessing the loader.php file in the public source tree of an Open ISES Tickets installation prior to version 3.44.2. The hardcoded MySQL credentials can be read and used to connect to the database if it is accessible from the network.

Remediation

Users are advised to upgrade to Open ISES Tickets version 3.44.2 or later, where this vulnerability has been patched.
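
A check an operator could run over a PHP source tree, before or after upgrading, to flag database connection calls that still carry a literal password, either inline or through a variable assigned a string literal. This is an added example, not code from Open ISES Tickets or its patch; the list of connection APIs, the function names and the sample PHP are assumptions constructed for illustration.

```python
import re

# Assumption: these PHP connection APIs take the password as their third argument.
CALL = re.compile(r"\b(new\s+mysqli|mysqli_connect|mysql_connect|new\s+PDO)\s*\(", re.I)
STR = r"""(?:'(?:[^'\\]|\\.)*'|"(?:[^"\\]|\\.)*")"""
ASSIGN = re.compile(r"(\$\w+)\s*=\s*(" + STR + r")\s*;")
TOKEN = re.compile(STR + r"|[(),]|[^'\"(),]+")

def call_args(src, pos):
    """Split the argument list starting right after '(' at pos, honouring quotes and nesting."""
    args, cur, depth = [], "", 1
    for tok in TOKEN.finditer(src, pos):
        t = tok.group()
        if t == "(":
            depth += 1
        elif t == ")":
            depth -= 1
            if depth == 0:
                break
        elif t == "," and depth == 1:
            args.append(cur.strip())
            cur = ""
            continue
        cur += t
    return args + [cur.strip()]

def find_hardcoded_passwords(php):
    """Return (line, api, reason) per connection call whose password is a non-empty literal.
    Variable tracking is flow-insensitive: any literal assignment to the name counts."""
    literal_vars = {m.group(1) for m in ASSIGN.finditer(php) if len(m.group(2)) > 2}
    findings = []
    for m in CALL.finditer(php):
        args = call_args(php, m.end())
        if len(args) < 3:
            continue
        pw, line = args[2], php.count("\n", 0, m.start()) + 1
        api = " ".join(m.group(1).split())
        if re.fullmatch(STR, pw) and len(pw) > 2:
            findings.append((line, api, "password is a string literal"))
        elif pw in literal_vars:
            findings.append((line, api, f"{pw} is assigned a string literal"))
    return findings

# Constructed sample input; not the contents of the project's loader.php.
SAMPLE = """<?php
$db_pass = 'example-password';
$a = mysqli_connect('db.example.internal', 'tickets', $db_pass, 'tickets');
$b = new mysqli('localhost', 'tickets', 'example-password', 'tickets');
$c = new PDO(getenv('DB_DSN'), getenv('DB_USER'), getenv('DB_PASS'));
"""
```

Any credential this check finds in a tree that was ever published should be rotated on the database server, since removing it from the file does not invalidate copies already retrieved.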

Added: May 21, 2026, 6:35 PM
Updated: May 21, 2026, 6:35 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.4
remediation: 0.0
relevance: 8.5
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.