Monday, November 22, 2021

Wipro Holmes Orchestrator 20.4.1 Report Disclosure

# Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Excel Report Download
# Date: 09/08/2021
# Exploit Author: Rizal Muhammed @ub3rsick
# Vendor Homepage:
# Version: 20.4.1
# Tested on: Windows 10 x64
# CVE : CVE-2021-38147

In the Wipro Holmes Orchestrator 20.4.1 application, if at some point some user has exported any of the Reports as excel, these files remain in the server. When an unauthenticated user attempts to access any of the below endpoints such files are downloaded. Details of the vulnerable endpoints and the information exposed by the reports from these endpoints are provided below.

User Report:-
API: http://HOLMES_ORCH_HOST:PORT/processexecution/DownloadExcelFile/User_Report_Excel
Exposed Information: Username, Email, Role, First Name, Last Name, User Level and User Domain of different users.

Domain Credentials Report:-
API: http://HOLMES_ORCH_HOST:PORT/processexecution/DownloadExcelFile/Domain_Credential_Report_Excel
Exposed Information: Domain Credential Names, Type, Domain Names

Other Endpoints:-


Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore