Zhiyuan OA Information Disclosure Scanner
Detects 'Information Disclosure' vulnerability in Zhiyuan OA.
Short Info
Level: Medium
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 23 days 1 hour
Scan only one: URL
Toolbox: -
Zhiyuan OA is an office automation software used by businesses and various organizations to enhance productivity and streamline operations. It is commonly deployed in corporate environments where it facilitates document management, workflow automation, and communication among employees. Zhiyuan OA is utilized by IT departments to manage internal processes and maintain critical business operations. Businesses often select it as a practical and efficient solution because of its customizable features. This software is applicable across various industries, including finance, healthcare, and government agencies. It aims to integrate different functions and departments within an organization to improve efficiency.
Information Disclosure vulnerabilities typically allow unauthorized access to sensitive information that should be protected from exposure. This particular vulnerability in Zhiyuan OA enables remote unauthenticated users to gain access to session details. Attackers can exploit such vulnerabilities to harvest data, which might include user IDs and session IDs, potentially leading to further exploitation. The disclosure of session data can compromise the confidentiality and integrity of the information being handled by the affected system. It poses a medium-level severity risk that demands prompt attention to avoid misuse of accessible sensitive data. This vulnerability is indicative of inadequate security measures safeguarding sensitive endpoints in the software.
The vulnerability is found in the 'getSessionList.jsp' endpoint of Zhiyuan OA, which is accessible without authentication. When accessed with the appropriate request, this endpoint reveals session information, including user and session IDs. The compromised endpoint lacks proper access control, allowing anyone to retrieve the data without necessary security checks. The response containing these details returns a 200 HTTP status code, indicating successful data retrieval. Attackers can automate the exploitation process to continually monitor or harvest data without detection. Addressing this vulnerability requires implementing strict access controls and ensuring sensitive endpoints are secured from unauthorized access.
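The paragraph above says the exposed endpoint answers with HTTP 200 and can be polled repeatedly without detection. The following added example (not part of the scanner or of Zhiyuan OA) shows one way an asset owner could spot that in web access logs. It assumes common/combined log format; the log lines, IP addresses and the `/PLACEHOLDER/` directory are constructed, and only the file name `getSessionList.jsp` comes from the page.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Common/combined access-log format: client, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
ENDPOINT = "getsessionlist.jsp"  # file name from the page; its directory is not assumed

# Constructed sample lines (documentation IP ranges, placeholder directory).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:00:01 +0000] "GET /PLACEHOLDER/getSessionList.jsp HTTP/1.1" 200 512
198.51.100.7 - - [12/Mar/2024:10:05:01 +0000] "GET /PLACEHOLDER/getSessionList.jsp HTTP/1.1" 200 640
203.0.113.9 - - [12/Mar/2024:10:06:13 +0000] "GET /PLACEHOLDER/GetSessionList.jsp HTTP/1.1" 403 0
192.0.2.44 - - [12/Mar/2024:10:07:45 +0000] "GET /index.jsp HTTP/1.1" 200 1024
malformed line that the parser must skip
"""

def find_session_list_hits(log_text, allowed_ips=frozenset()):
    """Return {ip: {"exposed": n, "blocked": n}} for requests to the endpoint."""
    hits = defaultdict(lambda: {"exposed": 0, "blocked": 0})
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["ip"] in allowed_ips:
            continue
        # Compare only the last path segment, ignoring query string and case.
        name = urlsplit(m["target"]).path.rsplit("/", 1)[-1].lower()
        if name != ENDPOINT:
            continue
        # A 200 means session data was served; anything else means access control held.
        key = "exposed" if m["status"] == "200" else "blocked"
        hits[m["ip"]][key] += 1
    return {ip: dict(counts) for ip, counts in hits.items()}

def repeated_pollers(hits, threshold=2):
    """Clients that were served session data at least `threshold` times."""
    return sorted(ip for ip, c in hits.items() if c["exposed"] >= threshold)

if __name__ == "__main__":
    found = find_session_list_hits(SAMPLE_LOG)
    for ip, counts in found.items():
        print(ip, counts)
    print("repeated pollers:", repeated_pollers(found))
```

Once access control is in place, every entry should move from `exposed` to `blocked`; pass known monitoring hosts in `allowed_ips` to keep them out of the report.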
If exploited by malicious actors, this vulnerability can lead to unauthorized access to user sessions, potentially allowing attackers to impersonate users or gain privileged access to the system. It could facilitate an escalation of privileges, enabling further attacks within the network. Information disclosed could be leveraged for targeted phishing attacks against employees utilizing the software. Continuous unauthorized access may disrupt the operations of the organization by compromising critical information systems. The overall risk includes financial loss, reputational damage, and loss of consumer trust due to data breaches or misuse of private information.