Open ISES Tickets TLS Certificate Verification Vulnerability in Login Authentication Flow

Vulnerability

A vulnerability exists in Open ISES Tickets versions prior to 3.44.2, where the application disables TLS certificate verification during the login and authentication process. This is achieved by setting CURLOPT_SSL_VERIFYPEER to false and not configuring CURLOPT_SSL_VERIFYHOST when making outbound HTTPS requests. As a result, an attacker positioned in the network path can present a forged certificate to intercept, monitor, or modify the transmitted data, including API keys and session-related information.

Impact

Because the server certificate is not properly validated, man-in-the-middle attacks can intercept or alter sensitive data during transmission.

Reproduction

The vulnerability can be reproduced by logging into Open ISES Tickets versions prior to 3.44.2. During the login process, the application will disable TLS certificate verification, allowing an attacker to intercept and modify the data being sent and received, including any session-related information or API keys.

Remediation

Users are advised to upgrade to Open ISES Tickets version 3.44.2 or later, where this vulnerability has been patched.
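The two cURL options named in the Vulnerability section, with the weak pattern beside a verifying configuration. This is an added example and not code from Open ISES Tickets; the function name `fetch_https()`, its parameters, and the URL are hypothetical.

```php
<?php
// Added example: constructed code, not from Open ISES Tickets.
// fetch_https() and the example URL are hypothetical.
//
// Weak pattern described in the advisory, shown for contrast only:
//   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // any certificate is accepted
//   (CURLOPT_SSL_VERIFYHOST is never configured)

function fetch_https(string $url, array $postFields = [], ?string $caBundle = null): string
{
    // Fail closed before any credentials leave the host.
    if (strtolower((string) parse_url($url, PHP_URL_SCHEME)) !== 'https') {
        throw new InvalidArgumentException('refusing non-HTTPS URL');
    }
    $ch = curl_init($url);
    if ($ch === false) {
        throw new RuntimeException('curl_init failed');
    }
    $opts = [
        CURLOPT_RETURNTRANSFER  => true,
        CURLOPT_SSL_VERIFYPEER  => true,            // validate the certificate chain
        CURLOPT_SSL_VERIFYHOST  => 2,               // certificate name must match the host
        CURLOPT_PROTOCOLS       => CURLPROTO_HTTPS, // no plaintext fallback
        CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTPS, // redirects stay on HTTPS
        CURLOPT_CONNECTTIMEOUT  => 10,
        CURLOPT_TIMEOUT         => 30,
    ];
    if ($caBundle !== null) {
        $opts[CURLOPT_CAINFO] = $caBundle;          // optional private CA bundle path
    }
    if ($postFields !== []) {
        $opts[CURLOPT_POST]       = true;
        $opts[CURLOPT_POSTFIELDS] = http_build_query($postFields);
    }
    curl_setopt_array($ch, $opts);
    $body = curl_exec($ch);
    if ($body === false) {
        // Certificate failures surface here; do not retry with verification off.
        throw new RuntimeException(sprintf('request failed (%d): %s', curl_errno($ch), curl_error($ch)));
    }
    return $body;
}

// Offline demonstration: a plaintext URL is rejected without any network access.
try {
    fetch_https('http://tickets.example.invalid/login');
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

With these options, a forged or mismatched certificate makes the TLS handshake fail, so `curl_exec()` returns `false` and the function throws before any API key or session data is transmitted.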

Added: May 21, 2026, 6:25 PM
Updated: May 21, 2026, 6:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 7.2
remediation: 0.0
relevance: 8.5
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.