Vulnerability Summary
Testers discovered a scenario in which the default admin account can reappear even after being deleted--this is especially dangerous since the default admin account has a static and well-known password.
Analysis of the Attack
The tester followed these steps to produce this issue:
o Set up the environment via the docker process
o Authenticate to the Portal
o Create a new Admin
o Log out of the default admin and log into the new Admin account
o Delete the default admin account
o Log out of the application
o Log into the app with the default admin account -- note that the user id is incremented for that account
Note: It appears as though changing the default admin password before deletion prevents this, but this is not a valid fix.
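The issue does not state the root cause. The model below is an added illustration, not the project's code, of one common cause of this symptom: a bootstrap hook that re-creates the default admin whenever no user by that name exists. It walks the reported steps against that hook and against a hardened version that seeds only once; the user store, account names and passwords are constructed for the example.

```python
# Added illustration (assumption: the app re-creates the default admin on every
# startup/login when the account is missing). Not the project's own code.

DEFAULT_ADMIN = "admin"
DEFAULT_PASSWORD = "admin"  # constructed stand-in for the static, well-known password


class UserStore:
    """Minimal in-memory user table with an auto-incrementing id."""

    def __init__(self):
        self.users = {}  # name -> {"id": int, "password": str, "role": str}
        self.next_id = 1
        self.bootstrapped = False  # persisted marker used by the fixed bootstrap

    def create(self, name, password, role):
        self.users[name] = {"id": self.next_id, "password": password, "role": role}
        self.next_id += 1
        return self.users[name]["id"]

    def delete(self, name):
        del self.users[name]

    def login(self, name, password):
        user = self.users.get(name)
        return user is not None and user["password"] == password


def vulnerable_bootstrap(store):
    # "If the default admin is missing, create it" on every run: a deleted
    # account silently comes back, with a new (incremented) id.
    if DEFAULT_ADMIN not in store.users:
        store.create(DEFAULT_ADMIN, DEFAULT_PASSWORD, "admin")


def fixed_bootstrap(store):
    # Seed only on first initialization and record that it happened, so a
    # later deletion of the default admin is permanent.
    if not store.bootstrapped:
        if not store.users:
            store.create(DEFAULT_ADMIN, DEFAULT_PASSWORD, "admin")
        store.bootstrapped = True


def reproduce(bootstrap):
    """Replay the reported steps; return (default login works after delete, first id, id after)."""
    store = UserStore()
    bootstrap(store)  # initial environment setup
    first_id = store.users[DEFAULT_ADMIN]["id"]
    store.create("newadmin", "constructed-password", "admin")  # step: create a new Admin
    store.delete(DEFAULT_ADMIN)  # step: delete the default admin
    bootstrap(store)  # log out / log in path re-runs the hook
    ok = store.login(DEFAULT_ADMIN, DEFAULT_PASSWORD)
    after_id = store.users[DEFAULT_ADMIN]["id"] if ok else None
    return ok, first_id, after_id
```

With the vulnerable hook the default login succeeds again and the account id has advanced from 1 to 3, matching the incremented user id noted in the report; with the fixed hook the login fails.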
tostart-pickagreatname changed the title from "[Security] WAPT-C-1: Default Admin Account Can Reappear #1" to "[Security][Critical Risk] WAPT-C-1: Default Admin Account Can Reappear #1" on Jun 19, 2020