DSpace issue DS-2917

Backdoor access to admin area from a normal user via a specific link

    Details

    • Type: Bug
    • Status: Volunteer Needed
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 5.2, 5.3, 5.4, 6.0
    • Fix Version/s: None
    • Component/s: JSPUI
    • Environment: demo web site
    • Attachments: 0
    • Comments: 2
    • Documentation Status: Not Required

      Description

      Our security team detected a bug that allows a normal user to gain access to some admin pages; it involves entering a certain link after signing in.

      These are the steps required to reproduce the issue on the demo website.
      1. Go to the DSpace demo website http://demo.dspace.org/jspui/ (right now it has a DSpace 5.4 implementation).
      2. Sign in as a normal user (for example, I created a new user, dspacedemo+giga.lynx@gmail.com).
      3. Enter the following link in the web browser: http://demo.dspace.org/jspui/tools/authorize
      4. As a result, we get an "Administer Authorization Policies" page that belongs to the admin user.
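The flaw the report describes is a missing function-level access check: the admin page is reachable by URL even though the UI never links to it for a normal user, and signing in is the only gate. The following is an added example, not code from the reporter or from DSpace (whose JSPUI is a Java servlet/JSP application): a toy Python dispatcher that replays the report's steps, once with authentication-only behaviour that reproduces the symptom and once with a central authorization check applied before any handler runs. The route table, handler names, role names, e-mail addresses, and the encoded path variant are all constructed for the illustration; the encoded variant shows a general caveat for path-based filters and is not something the report claims about DSpace.

```python
"""Toy model of the access-control flaw in DS-2917 and of a centralized fix.

Added example for this issue page; it is not DSpace code.  Handlers, the
route table and the role names are stand-ins for showing the pattern.
"""
import posixpath
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple
from urllib.parse import unquote


@dataclass
class Session:
    email: Optional[str] = None      # None means not signed in
    is_admin: bool = False


@dataclass
class Request:
    path: str
    session: Session


@dataclass
class Response:
    status: int
    body: str = ""


# --- Page handlers (constructed stand-ins, not DSpace's servlets) -----------

def home_page(req: Request) -> Response:
    return Response(200, "DSpace home")


def authorize_tool(req: Request) -> Response:
    # Vulnerable pattern: the page assumes whoever reached it is an admin and
    # never checks the role itself, so anyone who knows the URL gets the page.
    return Response(200, "Administer Authorization Policies")


# Route table: path -> (handler, role required).  None = any signed-in user.
ROUTES: Dict[str, Tuple[Callable[[Request], Response], Optional[str]]] = {
    "/jspui/": (home_page, None),
    "/jspui/tools/authorize": (authorize_tool, "admin"),
}


def canonical_path(raw: str) -> str:
    """Decode and normalize so that /jspui//tools/./authorize and
    /jspui/tools/%2e%2e/tools/authorize hit the same route entry as the
    plain spelling.  A check done on the raw string could be skipped by
    such spellings if the server later normalizes them."""
    return posixpath.normpath(unquote(raw))


def dispatch_vulnerable(req: Request) -> Response:
    """Authentication only: the role column of ROUTES is ignored, which is
    the behaviour the report describes (a normal user reaches the admin page)."""
    entry = ROUTES.get(canonical_path(req.path))
    if entry is None:
        return Response(404, "Not Found")
    handler, _required_role = entry
    if req.session.email is None:
        return Response(302, "redirect to login")
    return handler(req)


def dispatch_hardened(req: Request) -> Response:
    """Authentication and authorization are enforced here, before any
    handler runs, so no individual page can forget the admin check."""
    entry = ROUTES.get(canonical_path(req.path))
    if entry is None:
        return Response(404, "Not Found")
    handler, required_role = entry
    if req.session.email is None:
        return Response(302, "redirect to login")
    if required_role == "admin" and not req.session.is_admin:
        return Response(403, "Forbidden")
    return handler(req)


def reproduce(dispatcher: Callable[[Request], Response]) -> Dict[str, int]:
    """Replay the report: sign in as a normal user, then request the admin
    URL directly.  Also covers an encoded spelling of the same path, the
    anonymous case and a real admin.  Returns the status seen per case."""
    normal_user = Session(email="normal.user@example.org")           # constructed
    admin = Session(email="admin@example.org", is_admin=True)        # constructed
    anonymous = Session()
    cases = {
        "normal user, direct": Request("/jspui/tools/authorize", normal_user),
        "normal user, encoded": Request("/jspui/tools/%2e%2e/tools/authorize", normal_user),
        "anonymous": Request("/jspui/tools/authorize", anonymous),
        "admin": Request("/jspui/tools/authorize", admin),
    }
    return {name: dispatcher(req).status for name, req in cases.items()}


if __name__ == "__main__":
    print("vulnerable:", reproduce(dispatch_vulnerable))
    print("hardened:  ", reproduce(dispatch_hardened))
```

Running the block prints the status each case receives under both dispatchers: the normal user gets 200 from the vulnerable dispatcher and 403 from the hardened one, the admin gets 200 from both, and the anonymous request is redirected to login in both. The design point is that the required role lives in the route table and is enforced once, before any handler runs; putting the check inside each individual page is the pattern that lets a single page slip through, which is the symptom the report shows.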

            People

            • Assignee: Unassigned
            • Reporter: ccaloca (Carlos Caloca)
            • Votes: 0
            • Watchers: 4
