CVE-2022-23342 - OpenCVE

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Hyland	Onbase

Configuration 1 [-]

OR	cpe:2.3:a:hyland:onbase::::::::
	cpe:2.3:a:hyland:onbase::::::::

References

Link	Resource
https://community.hyland.com/login?returnUrl=/connect/hyland-research-and-development/security-advisories/username-enumeration-in-onbase	Permissions Required Vendor Advisory
https://github.com/InitRoot/CVE-2022-23342	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-06-21T13:29:21

Updated: 2022-06-21T13:29:21

Reserved: 2022-01-18T00:00:00

Link: CVE-2022-23342

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-06-21T14:15:08.030

Modified: 2022-06-29T13:27:13.160

Link: CVE-2022-23342

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-06-21T13:29:21", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/InitRoot/CVE-2022-23342"}, {"tags": ["x_refsource_MISC"], "url": "https://community.hyland.com/login?returnUrl=/connect/hyland-research-and-development/security-advisories/username-enumeration-in-onbase"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-23342", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/InitRoot/CVE-2022-23342", "refsource": "MISC", "url": "https://github.com/InitRoot/CVE-2022-23342"}, {"name": "https://community.hyland.com/login?returnUrl=/connect/hyland-research-and-development/security-advisories/username-enumeration-in-onbase", "refsource": "MISC", "url": "https://community.hyland.com/login?returnUrl=/connect/hyland-research-and-development/security-advisories/username-enumeration-in-onbase"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23342", "datePublished": "2022-06-21T13:29:21", "dateReserved": "2022-01-18T00:00:00", "dateUpdated": "2022-06-21T13:29:21", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8B0B601-B33E-4F66-9C1D-228E28221432", "versionEndExcluding": "20.3.58.1000", "vulnerable": true}, {"criteria": "cpe:2.3:a:hyland:onbase:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DBFFD25-607A-400B-9A50-B745275C6E96", "versionEndIncluding": "21.1.15.1000", "versionStartIncluding": "21.1.1.1000", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems."}, {"lang": "es", "value": "Hyland Onbase Application Server versiones anteriores a 20.3.58.1000 y OnBase versiones 21.1.1.1000 hasta 21.1.15.1000, son susceptibles a una vulnerabilidad de enumeraci\u00f3n de nombres de usuario. Un atacante puede obtener usuarios v\u00e1lidos bas\u00e1ndose en la respuesta devuelta para usuarios no v\u00e1lidos y v\u00e1lidos mediante el env\u00edo de una petici\u00f3n POST de inicio de sesi\u00f3n al endpoint /mobilebroker/ServiceToBroker.svc/Json/Connect. Esto puede conllevar a una enumeraci\u00f3n de usuarios contra los sistemas integrados de Active Directory subyacentes"}], "id": "CVE-2022-23342", "lastModified": "2022-06-29T13:27:13.160", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-21T14:15:08.030", "references": [{"source": "cve@mitre.org", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://community.hyland.com/login?returnUrl=/connect/hyland-research-and-development/security-advisories/username-enumeration-in-onbase"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/InitRoot/CVE-2022-23342"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}