CVE-2024-50334 Scanner
CVE-2024-50334 Scanner - Authentication Bypass vulnerability in Scoold
Short Info
Level
Single Scan
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 25 days 20 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
Scoold is a widely-used Q&A and knowledge-sharing platform designed for team collaboration. It facilitates the exchange of ideas, solutions, and information within an organization, enhancing teamwork and productivity. Companies and educational institutions utilize Scoold to manage knowledge, increase engagement, and streamline communication. The platform allows users to create, share, and discuss a variety of content, making it an essential tool for knowledge management. Its intuitive interface and versatile features support both small teams and large enterprises. As it caters to diverse industries, Scoold becomes a part of daily operations and strategic decision-making.
The authentication bypass vulnerability in Scoold allows unauthorized users to gain access to sensitive configuration data by manipulating specific HTTP requests. It stems from insufficient validation in request handling at the `/api;/config` endpoint: placing a semicolon in the URL evades the authentication mechanism. Once authentication is bypassed, attackers may access sensitive data that can be used for further exploitation. The vulnerability poses a significant risk because it exposes critical internal configuration to potentially malicious actors.
The vulnerability in Scoold arises from semicolon path injection at the `/api;/config` endpoint. Scoold misinterprets a semicolon appended in the HTTP request, which effectively bypasses its authentication checks. A second aspect of the vulnerability involves PUT requests with a `Content-Type` of `application/hocon`, which enable unauthenticated users to read files via HOCON file inclusion. This flaw allows unauthorized users to retrieve sensitive configuration files that could facilitate additional attacks. Scoold addressed the issue in version 1.64.0 and recommends disabling the API as a workaround for those unable to update immediately.
If successfully exploited, this vulnerability allows attackers unauthorized access to sensitive configuration data stored on the server. The exposure of internal data may lead to a leak of organizational secrets or credentials. Attackers could use the obtained data to launch further attacks, compromising the security and integrity of the platform and potentially the organization's operations. Unauthorized access may result in data breaches, leading to a loss of trust or legal ramifications for failing to protect sensitive information. Corrective measures are essential to prevent exploitation and mitigate potential damage.
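For asset owners reviewing logs on a Scoold instance that ran a version before 1.64.0, the following added example (not part of the scanner or of Scoold) flags the two request traits described above: a semicolon in an `/api` path and a PUT with `Content-Type: application/hocon`. The JSON-lines log format, its field names and the sample entries are constructed assumptions, and flagging a percent-encoded semicolon is a conservative choice rather than something the advisory text states.

```python
import json
from urllib.parse import unquote

# Constructed sample: JSON-lines access log from a reverse proxy in front of Scoold.
# The field names (src, method, uri, content_type, status) are assumptions.
SAMPLE_LOG = """\
{"src":"198.51.100.7","method":"GET","uri":"/api/config","content_type":"","status":401}
{"src":"198.51.100.7","method":"GET","uri":"/api;/config","content_type":"","status":200}
{"src":"198.51.100.7","method":"PUT","uri":"/api;/config","content_type":"application/hocon","status":200}
{"src":"203.0.113.20","method":"GET","uri":"/questions?sortby=votes;x","content_type":"","status":200}
{"src":"203.0.113.9","method":"PUT","uri":"/api/config","content_type":"application/hocon; charset=utf-8","status":401}
{"src":"198.51.100.7","method":"GET","uri":"/api%3b/config","content_type":"","status":200}
"""

def strip_params(path):
    """Drop ';...' from each path segment (assumption: the router ignores it)."""
    return "/".join(seg.split(";", 1)[0] for seg in path.split("/"))

def classify(entry):
    """Return the list of reasons one log entry is suspicious (empty if none)."""
    raw_path = unquote(entry["uri"].split("?", 1)[0])   # ignore the query string
    routed = strip_params(raw_path)
    in_api = routed == "/api" or routed.startswith("/api/")
    reasons = []
    if in_api and ";" in raw_path:
        reasons.append("semicolon-in-api-path")
    media = (entry.get("content_type") or "").split(";", 1)[0].strip().lower()
    # HOCON PUTs can be legitimate admin traffic; review them against known sources.
    if in_api and entry["method"].upper() == "PUT" and media == "application/hocon":
        reasons.append("hocon-put")
    if reasons and 200 <= entry["status"] < 300:
        reasons.append("served-2xx")                    # request was not rejected
    return reasons

def scan(log_text):
    """Return (line_number, source, reasons) for every suspicious entry."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        entry = json.loads(line)
        reasons = classify(entry)
        if reasons:
            hits.append((n, entry["src"], reasons))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Entries tagged `semicolon-in-api-path` together with `served-2xx` are the ones to investigate first, since a patched or API-disabled instance should not answer them successfully.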