MantisBT SOAP API Information Disclosure Vulnerability - June16 (Linux)

Published: 2016-06-03 11:58:33
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Summary:
This host is installed with MantisBT and is prone to an incomplete blacklist vulnerability.

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
The flaw is due to an incomplete blacklist vulnerability in the config_is_private function in 'config_api.php script' . When a new config is added or an existing one is renamed, the black list must be updated accordingly. If this is not or incorrectly done, the config becomes available via SOAP API

Impact:
Successful exploitation will allow attackers to obtain sensitive master salt configuration information via a SOAP API request.

Affected Versions:
MantisBT versions 1.3.x before 1.3.0 on Linux

Recommendations:
Upgrade to MantisBT version 1.3.0-rc.2 or later.

Solution Type:
Vendor Patch

Detection Type:
Remote Banner Unreliable

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2014-9759

References:

http://www.openwall.com/lists/oss-security/2016/01/02/1
https://mantisbt.org/bugs/view.php?id=20277

Search
Severity
Medium
CVSS Score
5.0

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.