AEM UserInfo Servlet Credentials Exposure

By kannthu

Informative
Vidoc Module
#aem #bruteforce
Description

What is the "AEM UserInfo Servlet Credentials Exposure"?

The "AEM UserInfo Servlet Credentials Exposure" module is designed to detect a vulnerability in Adobe Experience Manager (AEM). This module targets the AEM UserInfoServlet, which is exposed and can be exploited by attackers to perform brute force attacks on user credentials. The severity of this vulnerability is informative, indicating that it may not pose an immediate threat but should still be addressed to prevent potential security breaches.

This module was authored by DhiyaneshDk.

Impact

If successfully exploited, this vulnerability allows attackers to gain unauthorized access to user accounts in the AEM system. By leveraging the exposed UserInfoServlet, attackers can perform brute force attacks to guess valid usernames and potentially gain control over user accounts with weak or easily guessable passwords.

How does the module work?

The "AEM UserInfo Servlet Credentials Exposure" module works by sending a specific HTTP request to the targeted AEM system. The request is sent to the "/libs/cq/security/userinfo.json" endpoint using the GET method. The module then applies several matching conditions to determine if the vulnerability is present.

The matching conditions include:

- Checking if the HTTP response status is 200 (OK).
- Verifying if the response body contains the words "\"userID\":" and "\"userName\":".
- Ensuring that the response header includes the word "application/json".

If all of these conditions are met, the module identifies the vulnerability and reports it as a potential security issue.
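The three matching conditions above, combined with AND, as an added Python example (not Vidoc's module code) for checking whether a response saved from your own AEM instance would be flagged. The function names and the sample responses are constructed for illustration, and the case-insensitive header comparison is an assumption of this example.

```python
# Added example: names are hypothetical, sample responses are constructed.
REQUIRED_BODY_WORDS = ('"userID":', '"userName":')
REQUIRED_HEADER_WORD = "application/json"


def matches_userinfo_exposure(status, headers, body):
    """Apply the three AND-ed conditions to one response.

    Returns (matched, reasons); reasons lists every condition that failed.
    """
    reasons = []
    if status != 200:
        reasons.append(f"status is {status}, not 200")
    missing = [w for w in REQUIRED_BODY_WORDS if w not in body]
    if missing:
        reasons.append("body lacks " + " and ".join(missing))
    # Word match over the whole header block. Lower-casing is a choice made
    # in this example (media types are case-insensitive), not the module's.
    header_block = "\n".join(f"{k}: {v}" for k, v in headers.items()).lower()
    if REQUIRED_HEADER_WORD not in header_block:
        reasons.append("headers lack application/json")
    return (not reasons, reasons)


# Constructed responses: (status, headers, body)
SAMPLES = {
    "servlet_exposed": (200, {"Content-Type": "application/json;charset=utf-8"},
                        '{"userID":"anonymous","userName":"anonymous"}'),
    "blocked_404": (404, {"Content-Type": "text/html"}, "<h1>Not Found</h1>"),
    "login_page_200": (200, {"Content-Type": "text/html"},
                       "<html><form id='login'></form></html>"),
    "other_json_200": (200, {"Content-Type": "application/json"},
                       '{"error":"forbidden"}'),
    "one_key_only": (200, {"content-type": "Application/JSON"},
                     '{"userID":"anonymous"}'),
}


def classify_samples():
    """Map each sample name to whether the module's conditions would match."""
    return {name: matches_userinfo_exposure(*resp)[0]
            for name, resp in SAMPLES.items()}


if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        matched, reasons = matches_userinfo_exposure(*resp)
        print(f"{name}: {'MATCH' if matched else 'no match'} {reasons}")
```

The returned reasons show which condition ruled a response out, which helps when confirming that a 200 response is a login page or an unrelated JSON document rather than the servlet's output.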

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /libs/cq/security/us...
Matching conditions
status: 200 and
word: "userID":, "userName": and
word: application/json
Passive global matcher
No matching conditions.
On match action
Report vulnerability