SmartBI Default Login Scanner
This scanner detects the use of SmartBI in digital assets. It identifies potential vulnerabilities related to default login configurations, ensuring better security management.
Short Info
Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 26 days 13 hours
Scan only one: Domain, IPv4, Subdomain
Toolbox: -
SmartBI is a business intelligence platform used globally by enterprises for data analysis, visualization, and decision-making. It supports integration with various data sources, providing real-time analytics and reporting. Commonly used by data analysts and business decision-makers, SmartBI enhances operational efficiency by offering insights through dashboards and reports. Its user-friendly interface and robust features make it a popular choice for businesses aiming for data-driven strategies. With wide adoption, it's vital for organizations using SmartBI to ensure that their instance is secure against vulnerabilities.
The default login vulnerability in SmartBI is a misconfiguration that allows unauthorized users to gain access using default credentials. This is often due to not changing the initial username and password after setup. Attackers can exploit this weakness to access sensitive data and gain control over the application. By identifying such default credentials, security teams can mitigate potential unauthorized access. Ensuring that default login settings are addressed is crucial in maintaining the integrity of SmartBI systems.
Technically, the weakness lies in the endpoints that handle user authentication during the login process: a SmartBI instance that still accepts the default accounts shipped with the product, such as the "system," "service," and "public" roles, lets anyone who knows those credentials log in. The scanner checks for this condition by examining whether the HTTP response to a login attempt with those defaults matches the status code, header and body patterns of a successful login; a match indicates that the default credentials have not been changed.
If exploited, this vulnerability can lead to unauthorized data access, data breaches, and potentially full control over the SmartBI instance. Malicious users might access confidential business data, manipulate reports, or disrupt services. The integrity of the business's decision-making data could be compromised, leading to financial and reputational damage. Ensuring robust security by addressing default login issues is essential for protecting data and maintaining trust.
REFERENCES
- https://mp.weixin.qq.com/s?__biz=MzIwMDk1MjMyMg==&mid=2247491565&idx=1&sn=eb2af62a72167c6f82ae8ec3db878511
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/smartbi-default-user-weakpass.yaml
- https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Smartbi%20%E7%99%BB%E5%BD%95%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E.md