Debezium UI 2.5 Credential Disclosure

2024.05.24

Credit: Ihsan Cetin

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2024-28736

CWE: N/A

# Exploit Title: Debezium UI - Credential Leakage
# Google Dork: N/A
# Date: [2024-03-11]
# Exploit Author: Ihsan Cetin, Hamza Kaya Toprak
# Vendor Homepage: https://debezium.io/
# Software Link: N/A
# Version: < 2.5 (REQUIRED)
# Tested on: [N/A]
# CVE : CVE-2024-28736
Proof of concept:
# Details
#Debezium-ui (version 2.5) is vulnerable to a password exposure issue that could allow an attacker to retrieve sensitive credentials in plaintext format.
# PoC :
#Unmasked Password in Connector Configuration: When navigating to the connectors section within the application's connector screen, the password field, which should ideally be masked for security purposes, is briefly displayed in plaintext format during the initial seconds.
# Plaintext Password Retrieval via API Endpoint: By accessing the URL
http://10.0.15.51:8080//api/connectors/1/account-activity/config
#and searching for the database.password parameter, an attacker can retrieve the database password in plaintext format without any authentication.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Debezium UI 2.5 Credential Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.