Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "AEM UserInfo Servlet Credentials Exposure" module is designed to detect a vulnerability in Adobe Experience Manager (AEM). This module targets the AEM UserInfoServlet, which is exposed and can be exploited by attackers to perform brute force attacks on user credentials. The severity of this vulnerability is informative, indicating that it may not pose an immediate threat but should still be addressed to prevent potential security breaches.
This module was authored by DhiyaneshDk.
If successfully exploited, this vulnerability allows attackers to gain unauthorized access to user accounts in the AEM system. By leveraging the exposed UserInfoServlet, attackers can perform brute force attacks to guess valid usernames and potentially gain control over user accounts with weak or easily guessable passwords.
The "AEM UserInfo Servlet Credentials Exposure" module works by sending a specific HTTP request to the targeted AEM system. The request is sent to the "/libs/cq/security/userinfo.json" endpoint using the GET method. The module then applies several matching conditions to determine if the vulnerability is present.
The matching conditions include:
- Checking if the HTTP response status is 200 (OK). - Verifying if the response body contains the words "\"userID\":" and "\"userName\":". - Ensuring that the response header includes the word "application/json".If all of these conditions are met, the module identifies the vulnerability and reports it as a potential security issue.