Vulnerability Summary
An Insecure Direct Object Reference (IDOR) vulnerability in the organization API allows authenticated users to manipulate the identifier parameter and retrieve plaintext SFTP credentials belonging to other users or organizations, potentially leading to unauthorized access to sensitive files stored on the SFTP server.
The application under review includes a feature enabling administrators to import files from an SFTP server. This operation requires authentication to the SFTP service using valid credentials tied to a specific organizational account.
The application's workflow involves obtaining SFTP credentials via an internal API endpoint. Once retrieved, these credentials are used to establish a connection to the SFTP server, allowing access to files within the designated user directory.
Because the client obtains these credentials dynamically from the backend, the API endpoint that returns them must verify that the caller is authorized for the specific organization it names; authentication alone is not sufficient.
HackerOne disclosed report --> https://hackerone.com/reports/3467641 by perxibes
An IDOR vulnerability in a notification configuration endpoint allows an authenticated attacker to modify org_id and username_id to access sensitive user data from other organizations (email, phone, role, etc.).
HackerOne disclosed report --> https://hackerone.com/reports/2541962 by giwadaoud
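Both reports above share one root cause: the endpoint authenticates the caller but never checks that the `org_id` (or `username_id`) in the request belongs to that caller. The following is an added illustration, not code from either HackerOne report or the affected application. It models the SFTP-credential endpoint with a constructed in-memory user and credential table (all names, hosts and secrets are placeholders), shows the vulnerable handler beside a hardened one that enforces object-level authorization, and includes a small audit-log helper that counts denied cross-organization requests per user, which is the signal a defender would alert on.

```python
# Added example, not code from the HackerOne reports or the affected application.
# Models the IDOR pattern described above: an endpoint that trusts a
# client-supplied org_id without checking that the caller belongs to that org.
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    user_id: int
    org_id: int   # assumption: each user belongs to exactly one organization
    role: str     # "admin" or "member"


@dataclass(frozen=True)
class SftpCredential:
    org_id: int
    host: str
    username: str
    password: str  # stored server-side and returned to the client, as in the report


# Constructed sample data; every value here is a placeholder.
USERS = {
    101: User(user_id=101, org_id=1, role="admin"),
    202: User(user_id=202, org_id=2, role="admin"),
    303: User(user_id=303, org_id=1, role="member"),
}
SFTP_CREDENTIALS = {
    1: SftpCredential(1, "sftp.org1.example", "org1-import", "org1-placeholder-secret"),
    2: SftpCredential(2, "sftp.org2.example", "org2-import", "org2-placeholder-secret"),
}


def _credential_response(cred: SftpCredential) -> dict:
    return {"status": 200, "host": cred.host,
            "username": cred.username, "password": cred.password}


def get_sftp_credentials_vulnerable(session_user_id: int, requested_org_id: int) -> dict:
    """Vulnerable handler: authenticates the caller but never authorizes the
    object. Any logged-in user reads any org's credentials by changing the id."""
    if session_user_id not in USERS:
        return {"status": 401}
    return _credential_response(SFTP_CREDENTIALS[requested_org_id])


def get_sftp_credentials_hardened(session_user_id: int, requested_org_id: int,
                                  audit_log: list) -> dict:
    """Hardened handler: the requested org must be the caller's own org and the
    caller must hold the admin role. Every decision is written to audit_log."""
    user = USERS.get(session_user_id)
    if user is None:
        return {"status": 401}
    if user.org_id != requested_org_id or user.role != "admin":
        audit_log.append({"event": "sftp_credential_denied", "user_id": user.user_id,
                          "user_org": user.org_id, "requested_org": requested_org_id})
        # Same generic response whether or not the org exists, so the endpoint
        # cannot be used to enumerate valid organization ids.
        return {"status": 403}
    audit_log.append({"event": "sftp_credential_read", "user_id": user.user_id,
                      "user_org": user.org_id, "requested_org": requested_org_id})
    return _credential_response(SFTP_CREDENTIALS[requested_org_id])


def cross_org_access_attempts(audit_log: list) -> dict:
    """Detection helper: number of denied requests per user where the requested
    org differs from the user's own org. A nonzero count is the IDOR probe signal."""
    counts: dict = {}
    for entry in audit_log:
        if (entry["event"] == "sftp_credential_denied"
                and entry["requested_org"] != entry["user_org"]):
            counts[entry["user_id"]] = counts.get(entry["user_id"], 0) + 1
    return counts


if __name__ == "__main__":
    log: list = []
    print(get_sftp_credentials_vulnerable(101, 2))          # org 1 admin reads org 2 secret
    print(get_sftp_credentials_hardened(101, 2, log))       # {'status': 403}
    print(get_sftp_credentials_hardened(101, 1, log)["username"])
    print(cross_org_access_attempts(log))                   # {101: 1}
```

The stronger fix, where the application allows it, is to drop the `org_id` parameter entirely and derive the organization from the server-side session, so there is no client-controlled identifier to tamper with; the same reasoning applies to the `username_id` parameter in the notification-configuration report.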