CVE-2021-38146 Scanner
CVE-2021-38146 Scanner - Arbitrary File Download vulnerability in Wipro Holmes Orchestrator
Short Info
Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 25 days 12 hours
Scan only one: URL
Toolbox: -
Wipro Holmes Orchestrator is an advanced platform designed for automating processes in various industries including banking, healthcare, and utilities. It is used by businesses seeking efficient operational workflows and enhanced decision-making capabilities. The platform's powerful API allows seamless integration with existing systems, increasing the productivity of enterprises. Holmes Orchestrator uses AI-powered solutions to analyze large datasets for predictive insights, aiding strategic planning. Its versatile framework can support diverse applications, making it popular among multinational corporations. However, its complexity necessitates vigilance to ensure robust security measures are in place.
The arbitrary file download vulnerability in question is a critical flaw that allows unauthorized users to access and download sensitive files from the server. It occurs due to improper validation of input data in the File Download API, leading to absolute path traversal issues. The vulnerability can be exploited by manipulating the `SearchString` JSON field in the POST request to the `/home/download` endpoint. Such exploitation could lead to significant data breaches and potentially compromise classified information. Remote attackers can leverage this flaw easily due to its low complexity, making it a high-risk threat for organizations using this software.
This vulnerability is technically significant due to the simplicity of the attack mechanism and the high impact it can have. The POST method in the HTTP request includes a JSON-encoded data body where the `SearchString` parameter can be manipulated. By altering this parameter to include an absolute file path, an attacker could retrieve arbitrary files from the server's file system. Successful attacks necessitate specific conditions, such as identifying the correct file paths, yet they do not require user authentication. Therefore, the vulnerability represents a serious security breach that requires urgent attention.
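The root cause described above, absolute paths accepted in `SearchString`, is shown here as an added example that is not taken from the original page or from the vendor's code. It places a weak path join beside a validated one. The function names, the download directory and the handler shape are assumptions; only the `SearchString` field name comes from the text.

```python
import json
import os
import tempfile

def naive_resolve(base_dir, search_string):
    # Weak pattern: os.path.join discards base_dir when the second
    # argument is absolute, so the caller controls the whole path.
    return os.path.join(base_dir, search_string)

def safe_resolve(base_dir, search_string):
    """Return the real path of a file under base_dir, or raise ValueError."""
    if not isinstance(search_string, str) or not search_string or "\x00" in search_string:
        raise ValueError("invalid file name")
    # Reject POSIX absolute paths, Windows drive letters and UNC paths.
    norm = search_string.replace("\\", "/")
    if norm.startswith("/") or (len(norm) > 1 and norm[1] == ":"):
        raise ValueError("absolute paths are not allowed")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, norm))
    # realpath collapses ".." and follows symlinks; the result must stay inside base.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes the download directory")
    if not os.path.isfile(candidate):
        raise ValueError("no such file")
    return candidate

def handle_download(base_dir, raw_body):
    """Parse the JSON body (hypothetical handler) and return (status, detail)."""
    try:
        body = json.loads(raw_body)
        path = safe_resolve(base_dir, body.get("SearchString"))
    except (ValueError, AttributeError) as exc:
        return 400, str(exc)
    return 200, path

def demo():
    # Constructed sample: a temporary export directory holding one report file.
    with tempfile.TemporaryDirectory() as base:
        with open(os.path.join(base, "report.csv"), "w") as fh:
            fh.write("id,value\n")
        ok = handle_download(base, '{"SearchString": "report.csv"}')
        absolute = handle_download(base, '{"SearchString": "/etc/hostname"}')
        dotdot = handle_download(base, '{"SearchString": "../../etc/hostname"}')
        naive = naive_resolve(base, "/etc/hostname")
        return ok[0], absolute[0], dotdot[0], naive

if __name__ == "__main__":
    print(demo())
```

The containment check after `realpath` is what rejects relative `..` sequences and symlinks that point outside the directory; the prefix check alone only covers the absolute-path case.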
Exploiting this vulnerability could have dire consequences for an organization. Unauthorized access and download of sensitive files may lead to data leaks, impacting the company's reputation and resulting in legal repercussions. It could also expose intellectual property, competitive intelligence, and personal data of customers or employees. Additionally, compromised data integrity can disrupt business operations and incur financial losses. The vulnerability could further serve as a vector for more severe attacks, such as a denial-of-service or injection-based attacks, amplifying the risk to targeted systems.