Reprise License Manager 14.2 - Authentication Bypass
ID: CVE-2021-44152
Severity: critical
Author: Akincibor
Tags: cve,cve2021,packetstorm,rlm,auth-bypass,reprisesoftware
Description
Section titled “Description”Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user.
YAML Source
Section titled “YAML Source”id: CVE-2021-44152
info: name: Reprise License Manager 14.2 - Authentication Bypass author: Akincibor severity: critical description: | Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user. impact: | Successful exploitation of this vulnerability could allow an attacker to bypass authentication and gain unauthorized access to the Reprise License Manager. remediation: | Apply the latest security patch or upgrade to a patched version of Reprise License Manager to mitigate this vulnerability. reference: - https://reprisesoftware.com/admin/rlm-admin-download.php?&euagree=yes - http://packetstormsecurity.com/files/165186/Reprise-License-Manager-14.2-Unauthenticated-Password-Change.html - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 - https://www.reprisesoftware.com/RELEASE_NOTES - https://github.com/anonymous364872/Rapier_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44152 cwe-id: CWE-306 epss-score: 0.86031 epss-percentile: 0.98489 cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: reprisesoftware product: reprise_license_manager shodan-query: - http.html:"Reprise License Manager" - http.html:"reprise license" - http.html:"reprise license manager" fofa-query: - body="reprise license manager" - body="reprise license" google-query: inurl:"/goforms/menu" tags: cve,cve2021,packetstorm,rlm,auth-bypass,reprisesoftware
http: - method: GET path: - "{{BaseURL}}/goforms/menu"
matchers-condition: and matchers: - type: word part: body words: - "RLM Administration Commands"
- type: status status: - 200# digest: 4b0a00483046022100e8ee0920465064ba29dc8e2c03b4cff2591db23672791ef176b0fdab7c85eb81022100f2a73205cf0616b0f2431e66ef6e097e948e03b706e3a5e2f22bc31a90b2a929:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-44152.yaml"