ID

VDE-2023-002

Published

2023-05-15 14:06 (CEST)

Last update

2023-05-15 14:06 (CEST)

Vendor(s)

MB connect line GmbH

Product(s)

Article No.   Product Name     Affected Version(s)
              mbCONNECT24      <= 2.13.3
              mymbCONNECT24    <= 2.13.3

Summary

Two vulnerabilities have been discovered in mbCONNECT24 and mymbCONNECT24 in all versions through 2.13.3.

Vulnerabilities



Last Update
May 15, 2023, 2:06 p.m.
Weakness
Authorization Bypass Through User-Controlled Key (CWE-639)
Summary

An Authorization Bypass vulnerability was found in MB Connect Line's mbCONNECT24 and mymbCONNECT24 and in Helmholz' myREX24 and myREX24.virtual, version <= 2.13.3. An authenticated remote user with low privileges can change the password of any user in the same account. This allows the attacker to take over the admin user and therefore fully compromise the account.

Last Update
May 15, 2023, 2:06 p.m.
Weakness
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200)
Summary

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MB Connect Line's mbCONNECT24 and mymbCONNECT24 and in Helmholz' myREX24 and myREX24.virtual, versions <= 2.13.3, allows an authenticated remote attacker with low privileges to view a limited amount of another account's contact information.

Impact

Please consult the CVE Entries.

Solution

Mitigation for CVE-2023-0985:

If you have MFA enabled on the admin user, the password will still be set, but the attacker will be unable to log in because the second factor is still enforced.
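
The following is an added illustration, not code from the vendor's products, of the authorization gap behind the password-change issue above and of why the MFA mitigation holds: a hypothetical account-scoped password-change handler in its vulnerable form (caller-supplied target id trusted after only a login and same-account check, the CWE-639 pattern) beside a hardened form that applies an object-level check, plus a login routine that still enforces MFA after a password reset. The user directory, ids and passwords are constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    user_id: int
    account_id: int
    is_admin: bool
    mfa_enabled: bool = False


# Constructed sample directory (hypothetical): account 100 has an admin with
# MFA and a low-privileged user; account 200 belongs to someone else entirely.
USERS = {
    1: User(user_id=1, account_id=100, is_admin=True, mfa_enabled=True),
    2: User(user_id=2, account_id=100, is_admin=False),
    3: User(user_id=3, account_id=200, is_admin=True),
}


class AuthorizationError(Exception):
    pass


def change_password_vulnerable(actor_id, target_id, passwords, new_password):
    # CWE-639 pattern: the caller is logged in and in the same account, so the
    # caller-supplied target id is trusted without asking whether the caller
    # may administer that user. A low-privileged user can reset the admin.
    if USERS[actor_id].account_id != USERS[target_id].account_id:
        raise AuthorizationError("target user is in another account")
    passwords[target_id] = new_password


def may_change_password(actor: User, target: User) -> bool:
    # Object-level check: your own password, or another user's only if you
    # are an admin of that user's own account.
    if actor.user_id == target.user_id:
        return True
    return actor.is_admin and actor.account_id == target.account_id


def change_password_hardened(actor_id, target_id, passwords, new_password):
    if not may_change_password(USERS[actor_id], USERS[target_id]):
        raise AuthorizationError("caller may not administer the target user")
    passwords[target_id] = new_password


def login(user_id, password, passwords, mfa_code_valid=False) -> bool:
    # Why the MFA mitigation holds: a reset password alone does not log in a
    # user whose second factor is still enforced.
    if passwords.get(user_id) != password:
        return False
    return mfa_code_valid or not USERS[user_id].mfa_enabled
```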

Remediation

Update to the latest version: 2.13.4

Reported by

CVE-2023-1779 was reported by Helmholz GmbH & Co. KG
CVE-2023-0985 was reported by Hussein Alsharafi

CERT@VDE coordinated with MB Connect Line & Helmholz