Project: Magnolia
Issue: MAGNOLIA-7707

Login Console accessible publicly

Details

    • Type: Bug
    • Resolution: Not an issue
    • Priority: Critical
    • Version: 6.0
    • Component: admininterface
    • Environment: all the environments

    Description

      It is observed that the Magnolia Author login page can be accessed externally for websites which use Magnolia CMS in the backend to manage the content. Once accessible, the same login page can be brute-forced by attackers to get into the system and perform delete, modify, deface, etc. It can be done in case the website is using default credentials, e.g. superuser, eric, peter (which are available publicly).

      Step 1. Access any website which uses Magnolia CMS in the backend.

      Step 2. Take any URL which resolves to any Magnolia page, and craft a request with the OPTIONS method.

      Step 3. As the OPTIONS method will be disabled in the backend, the user will get a 403 error. But along with this error, the response page will contain the Magnolia login form.

      Step 4. Enter valid credentials, or brute force.

      Step 5. If successful, it will allow access to Magnolia from the public-facing resource.
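The risk the report describes is repeated credential guessing against a login form that is reachable from the public side. One thing an operator can do, whatever the outcome of the issue, is watch the web server access log for bursts of failed login POSTs from a single client and feed that into rate limiting or lockout. The script below is an added example written for this page; it is not code from the Magnolia project or from the reporter. It assumes the Apache/nginx "combined" log format, a placeholder login path (`/admin/login`, not Magnolia's real path) and that a login POST answered with 401 or 403 is a failed attempt; the log lines are constructed.

```python
"""Detect password-guessing bursts against a CMS login endpoint in access logs.

Added example, not code from the Magnolia project or from this issue. The log
format is the Apache/nginx "combined" format; the login path and the status
codes that signal a failed login are assumptions (see the comments).
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Assumption: path of the CMS login form. Placeholder; the real path is deployment-specific.
LOGIN_PATH = "/admin/login"

# Assumption: a login POST answered with 401 or 403 is a failed attempt,
# while a 302 redirect into the admin UI is a success.
FAILED_STATUSES = {401, 403}

# Combined Log Format: client ip, identd, user, [timestamp], "METHOD path proto", status, size, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample: one OPTIONS probe, a burst of failed logins from one client,
# and a legitimate user who mistypes once and then signs in.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2023:12:00:01 +0000] "OPTIONS /some/page HTTP/1.1" 403 2310 "-" "curl/8.0"
203.0.113.10 - - [10/Oct/2023:12:00:05 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "curl/8.0"
203.0.113.10 - - [10/Oct/2023:12:00:07 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "curl/8.0"
203.0.113.10 - - [10/Oct/2023:12:00:09 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "curl/8.0"
198.51.100.7 - - [10/Oct/2023:12:00:10 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "Mozilla/5.0"
203.0.113.10 - - [10/Oct/2023:12:00:12 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "curl/8.0"
203.0.113.10 - - [10/Oct/2023:12:00:15 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "curl/8.0"
203.0.113.10 - - [10/Oct/2023:12:00:18 +0000] "POST /admin/login HTTP/1.1" 401 512 "-" "curl/8.0"
198.51.100.7 - - [10/Oct/2023:12:00:20 +0000] "POST /admin/login HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m.group("ip"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "method": m.group("method"),
        "path": m.group("path"),
        "status": int(m.group("status")),
    }


def is_failed_login(rec):
    """True for a POST to the login path that did not establish a session."""
    return (rec["method"] == "POST"
            and rec["path"].split("?", 1)[0] == LOGIN_PATH
            and rec["status"] in FAILED_STATUSES)


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Map each client IP that reaches `threshold` failed logins inside a sliding
    window of `window_seconds` to the time the threshold was first crossed."""
    recent = defaultdict(deque)   # ip -> timestamps of failed logins still inside the window
    flagged = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or not is_failed_login(rec):
            continue
        q = recent[rec["ip"]]
        q.append(rec["ts"])
        # Drop attempts that have aged out of the window (log lines are assumed time-ordered).
        while (rec["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold and rec["ip"] not in flagged:
            flagged[rec["ip"]] = rec["ts"]
    return flagged


if __name__ == "__main__":
    for ip, when in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {when.isoformat()}  repeated failed logins; candidate for lockout or rate limit")
```

On the constructed sample only 203.0.113.10 crosses five failures within a minute (at 12:00:15); the single mistyped password from 198.51.100.7 followed by a successful sign-in is not flagged. The OPTIONS probe that the report mentions is visible in the same log and can be alerted on separately if a deployment never expects that method from the public side.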

      People

        Mercedes Iruela
        Vineet Mishra