Studiometry – Unauthenticated Administrative User Creation
- Published: 26 Jul 2016
Timeline
2016-07-11: Issue reported to vendor.
2016-07-11: Response received from vendor.
2016-07-12: Vendor provided a beta with patches for testing. Vulnerability verified as fixed in the beta.
2016-07-14: Vendor notified MWR that an official patch would be released on 2016-07-25.
2016-07-25: Oranged Software released the official patched version 12.6.1 of Studiometry.
Studiometry is a project and client management tool aimed at small businesses. It is available in several forms, with both Windows and Mac OS X implementations, and is complemented by cloud services and an iOS mobile application. The Windows version of the application was tested, but the vulnerability may also affect the iOS and Mac OS X implementations. The configuration tested was that of a self-administered Studiometry server, as a small business would be likely to use.
It was discovered that unauthenticated users can create any type of user for the application, including administrative users.
An attacker could leverage this vulnerability to gain complete control over the Studiometry server.
The Studiometry server does not verify that a client is authenticated before accepting requests, so a user-creation request is processed regardless of who sends it.
Update to Studiometry 12.6.1.