eFront <= 3.6.10 Authentication Bypass / Privilege Escalation Vulnerability

Description:

eFront contains a flaw related to the index.php script which fails to properly sanitize user-supplied input passed via the ‘cookie_login’ cookie parameter before use it to instanciate a new user object. This can be exploited to bypass the authentication mechanism and to escalate privilege.

References:

• BID-50391
• EDB-18036
• http://forum.efrontlearning.net/viewtopic.php?t=3501

Disclosure Date:

October 27, 2011