Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "AEM Login Status" module is a test case designed to detect a misconfiguration in Adobe Experience Manager (AEM) web applications. It specifically targets the LoginStatusServlet which, when exposed, can be used to perform brute force attacks against user credentials. The severity of this finding is informative: exposure of the servlet is not an immediate threat by itself, but it should still be addressed to ensure the security of the application.
This module was authored by DhiyaneshDk.
If the LoginStatusServlet is left exposed and vulnerable, it can allow malicious actors to attempt brute force attacks on user credentials. This can lead to unauthorized access to the application and compromise the security and privacy of user data.
The "AEM Login Status" module utilizes HTTP request templates and matching conditions to identify the presence of the LoginStatusServlet and potential vulnerabilities. It sends a GET request to the following paths:
- /system/sling/loginstatus
- /system/sling/loginstatus.css
- ///system///sling///loginstatus
The module then applies the following matching conditions:
- Check if the response status is 200 (OK).
- Check if the response body contains the word "CREDENTIAL_CHALLENGE".

If both conditions are met, the module will report a finding.
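The matcher logic described above, written out as an added Python example (it is not code from Vidoc or from the module's author). It takes response objects that have already been fetched, so it runs offline against constructed sample responses; the base URL, the `HttpResponse` class and the function names are assumptions introduced for illustration. The point it makes explicit is that both conditions are combined with AND, so a 200 on an unrelated page, or the keyword on a non-200 error page, does not count as exposure.

```python
from dataclasses import dataclass

# Paths probed by the module, exactly as listed on the page. The
# triple-slash variant is deliberate and must not be normalised away.
LOGIN_STATUS_PATHS = [
    "/system/sling/loginstatus",
    "/system/sling/loginstatus.css",
    "///system///sling///loginstatus",
]


@dataclass
class HttpResponse:
    """Minimal stand-in for an HTTP response (assumed shape): status code and body."""
    status: int
    body: str


def build_targets(base_url: str) -> list[str]:
    """Append each probed path verbatim to the base URL of the AEM instance."""
    return [base_url.rstrip("/") + path for path in LOGIN_STATUS_PATHS]


def login_status_exposed(resp: HttpResponse) -> bool:
    """The module's matcher: HTTP 200 AND body contains CREDENTIAL_CHALLENGE.

    Both conditions are required; either one alone is not a finding.
    """
    return resp.status == 200 and "CREDENTIAL_CHALLENGE" in resp.body


def evaluate(responses: dict[str, HttpResponse]) -> list[str]:
    """Return the probed paths whose response satisfies the matcher."""
    return [path for path, resp in responses.items() if login_status_exposed(resp)]


# Constructed sample responses for the three paths (not captured from a real server).
# Only the first satisfies both conditions; the second has the wrong status,
# the third returns 200 but without the keyword.
SAMPLE_RESPONSES = {
    "/system/sling/loginstatus": HttpResponse(200, "authenticated=false\nCREDENTIAL_CHALLENGE"),
    "/system/sling/loginstatus.css": HttpResponse(404, "Not Found"),
    "///system///sling///loginstatus": HttpResponse(200, "<html>Welcome</html>"),
}

if __name__ == "__main__":
    for url in build_targets("https://aem.example.internal/"):  # assumed hostname
        print("would probe:", url)
    for path in evaluate(SAMPLE_RESPONSES):
        print("LoginStatusServlet reachable at", path)
```

When run against real responses, each path should be fetched separately and its status and body fed to `login_status_exposed`; a single matching path is enough for the module to report the servlet as exposed.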
For more information on this issue, you can refer to the following resources:

- https://www.slideshare.net/0ang3el/hunting-for-security-bugs-in-aem-webapps-129262212
- https://github.com/thomashartm/burp-aem-scanner/blob/master/src/main/java/burp/actions/dispatcher/Lo