CVE-2023-49112
📋 TL;DR
Kiuwan SAST does not enforce per-application authorization on the REST endpoint /saas/rest/v1/info/application: any authenticated user can retrieve details of applications they have not been granted access to, just by naming another application in the request. The check was added in master.1808.p685.q13371; earlier builds are affected.
💻 Affected Systems
- Kiuwan SAST
⚠️ Manual Verification Required
Our database holds no machine-readable version range for this CVE, so automated detection cannot decide whether your installation is affected.
Why? The NVD entry carries no structured version data (no CPE version ranges from the vendor/NVD). The vendor fix below names master.1808.p685.q13371 as the first patched build, so compare your build string against it by hand.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Sensitive application information, intellectual property, or security findings could be exfiltrated by authenticated attackers, leading to data breaches or competitive intelligence gathering.
Likely Case
Authenticated users within the organization who are not assigned to an application can still view its details, security findings, and metadata, violating the principle of least privilege.
If Mitigated
With proper access controls, only authorized users can view application information, maintaining data confidentiality and compliance with security policies.
🎯 Exploit Status
Exploitation requires a valid account on the Kiuwan instance but no special tooling: an authenticated request to the endpoint naming another team's application is enough.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: master.1808.p685.q13371 or later
Vendor Advisory: https://www.kiuwan.com/docs/display/K5/%5B2024-05-30%5D+Change+Log
Restart Required: Yes
Instructions:
1. Upgrade Kiuwan SAST to version master.1808.p685.q13371 or later.
2. Restart the Kiuwan service.
3. Verify the fix by requesting /saas/rest/v1/info/application with an account that is not assigned to the named application; it must be refused.
🔧 Temporary Workarounds
Network Access Restriction
Restrict access to /saas/rest/v1/info/application at the network edge or in a web application firewall so that only hosts that legitimately need the REST API (for example CI runners) can reach it.
Authentication Layer Enhancement
At a reverse proxy or load balancer in front of Kiuwan, add an authorization rule for this endpoint (an allow-list of accounts or client certificates, or a blanket deny if nothing in your pipeline calls it). This is coarse: the proxy does not know which applications a user is assigned to, so it limits exposure but cannot replace the vendor fix.
🧯 If You Can't Patch
- Segment the network so that the Kiuwan API is reachable only from the hosts and users that need it. Segmentation limits who can reach the endpoint at all; it does not restore the per-application check, because every caller that gets through is still an authenticated user the bug trusts.
- Monitor API access logs for requests to /saas/rest/v1/info/application, recording the requesting user and the application parameter, and alert when a user requests applications outside their assignment.
🔍 How to Verify
Check if Vulnerable:
Using a low-privilege account that is not assigned to a given application, send an authenticated request to /saas/rest/v1/info/application for that application. If the response contains application details rather than an HTTP 403, the instance is vulnerable. (An HTTP 401 means the credentials themselves were rejected, not that the check is in place.)
Check Version:
Check Kiuwan SAST version in administration interface or via API.
Verify Fix Applied:
After patching, repeat the same request with the same low-privilege account: the endpoint must now refuse applications outside that account's assignment while still serving the ones it is assigned to.
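The "Check if Vulnerable" and "Verify Fix Applied" steps are the same probe run before and after the upgrade. The script below is an added example, not code from this page or from Kiuwan: it sends the request for each application name with a low-privilege account and classifies the response. HTTP Basic authentication, the query parameter name application, and the X-KW-CORPORATE-DOMAIN-ID header are assumptions about the Kiuwan REST API; check them against your instance. The transport is injectable, so the DEMO_RESPONSES (constructed, standing in for an unpatched server) let it run offline.

```python
"""Authorization probe for /saas/rest/v1/info/application (CVE-2023-49112).

Run with an account that is assigned to none of the listed applications.
An "EXPOSED" verdict means the server returned application data to an
account that should not see it. Auth scheme, parameter name and domain
header are assumptions about the Kiuwan REST API.
"""
import base64
import json
import sys
import urllib.error
import urllib.parse
import urllib.request

ENDPOINT = "/saas/rest/v1/info/application"


def build_request(base_url, username, password, application, domain=None):
    """Build the authenticated GET for one application name (assumed parameter: application)."""
    query = urllib.parse.urlencode({"application": application})
    url = base_url.rstrip("/") + ENDPOINT + "?" + query
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    req = urllib.request.Request(
        url, headers={"Authorization": "Basic " + token, "Accept": "application/json"})
    if domain:  # assumed header for multi-domain accounts
        req.add_header("X-KW-CORPORATE-DOMAIN-ID", domain)
    return req


def http_fetch(req, timeout=10):
    """Live transport: returns (status, body). HTTP error codes are data, not exceptions."""
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def make_fake_fetch(responses):
    """Offline transport: maps application name -> (status, body); unknown names get 404."""
    def fetch(req, timeout=10):
        query = urllib.parse.urlparse(req.full_url).query
        app = urllib.parse.parse_qs(query).get("application", [""])[0]
        return responses.get(app, (404, ""))
    return fetch


def probe(base_url, username, password, applications, fetch=http_fetch, domain=None):
    """Return {application: verdict} for the given low-privilege account."""
    results = {}
    for app in applications:
        status, body = fetch(build_request(base_url, username, password, app, domain))
        if status == 200:
            try:
                data = json.loads(body)
            except ValueError:
                data = None
            # A non-empty JSON object for an application this account is not
            # assigned to is exactly the missing access check the CVE describes.
            results[app] = "EXPOSED" if isinstance(data, dict) and data else "HTTP 200 (empty)"
        elif status == 401:
            results[app] = "AUTH_FAILED"   # credentials rejected: not evidence of a fix
        elif status == 403:
            results[app] = "DENIED"        # the expected answer on a patched build
        elif status == 404:
            results[app] = "NOT_FOUND"
        else:
            results[app] = f"HTTP {status}"
    return results


def is_vulnerable(results):
    """True if any application was served to the low-privilege account."""
    return any(v == "EXPOSED" for v in results.values())


# Constructed responses standing in for an unpatched server: payments-api is
# served to the low-privilege user, hr-portal is refused, other names are unknown.
DEMO_RESPONSES = {
    "payments-api": (200, json.dumps({"name": "payments-api", "description": "card processing"})),
    "hr-portal": (403, json.dumps({"error": "Forbidden"})),
}

if __name__ == "__main__":
    if len(sys.argv) >= 5:
        # usage: probe.py https://kiuwan.example lowpriv-user password app1 [app2 ...]
        base, user, pw, *apps = sys.argv[1:]
        verdicts = probe(base, user, pw, apps)
    else:
        verdicts = probe("https://kiuwan.example", "lowpriv", "secret",
                         ["payments-api", "hr-portal", "no-such-app"],
                         fetch=make_fake_fetch(DEMO_RESPONSES))
    for app, verdict in verdicts.items():
        print(f"{app}: {verdict}")
    print("VULNERABLE" if is_vulnerable(verdicts) else "not exposed for this account")
```

Run it with a live base URL and credentials to test a real instance; only application names the account is genuinely not assigned to are meaningful, and an AUTH_FAILED verdict means the probe never reached the authorization check.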
📡 Detection & Monitoring
Log Indicators:
- Unauthorized access attempts to /saas/rest/v1/info/application
- Multiple application info requests from single user accounts
Network Indicators:
- HTTP GET requests to /saas/rest/v1/info/application with different application parameters
SIEM Query (generic; adapt the field names to your log source and maintain authorized_users as a lookup of accounts permitted to call this endpoint):
source="kiuwan" AND url_path="/saas/rest/v1/info/application" AND user NOT IN authorized_users
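The two log indicators above (requests for applications outside a user's assignment, and one account walking through many applications) can be checked directly against access logs. The script below is an added example, not part of this page or of Kiuwan's tooling. The log format (Apache/nginx combined format with the authenticated user in the third field), the constructed sample lines, and the user-to-application map are all assumptions; Kiuwan's real log layout and your authorization data will differ.

```python
"""Detection for CVE-2023-49112 indicators, run over sample access-log lines.

Rule 1: a request to /saas/rest/v1/info/application for an application the
        requesting account is not assigned to (any status: a 200 confirms
        exposure, a 403 is a denied attempt worth knowing about).
Rule 2: one account touching >= max_distinct applications within `window`.
Log format and authorization map are assumptions, not Kiuwan's own.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/saas/rest/v1/info/application"

# Assumed combined log format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log, not real Kiuwan output: alice enumerates six
# applications in 15 seconds, bob reads only his own, carol is refused.
SAMPLE_LOG = """\
10.0.3.14 - alice [30/May/2024:10:01:02 +0000] "GET /saas/rest/v1/info/application?application=payments-api HTTP/1.1" 200 842
10.0.3.14 - alice [30/May/2024:10:01:05 +0000] "GET /saas/rest/v1/info/application?application=hr-portal HTTP/1.1" 200 911
10.0.3.14 - alice [30/May/2024:10:01:08 +0000] "GET /saas/rest/v1/info/application?application=billing HTTP/1.1" 200 790
10.0.3.14 - alice [30/May/2024:10:01:11 +0000] "GET /saas/rest/v1/info/application?application=inventory HTTP/1.1" 200 655
10.0.3.14 - alice [30/May/2024:10:01:14 +0000] "GET /saas/rest/v1/info/application?application=crm HTTP/1.1" 200 1024
10.0.3.14 - alice [30/May/2024:10:01:17 +0000] "GET /saas/rest/v1/info/application?application=ci-tools HTTP/1.1" 200 433
10.0.5.7 - bob [30/May/2024:10:02:00 +0000] "GET /saas/rest/v1/info/application?application=payments-api HTTP/1.1" 200 842
10.0.5.7 - bob [30/May/2024:10:02:03 +0000] "GET /saas/rest/v1/analysis/list?application=payments-api HTTP/1.1" 200 2210
10.0.9.2 - carol [30/May/2024:10:03:00 +0000] "GET /saas/rest/v1/info/application?application=payments-api HTTP/1.1" 403 61
"""

# Assumed authorization model: which applications each account may read.
AUTHORIZED = {"alice": {"inventory"}, "bob": {"payments-api"}}


def parse_line(line):
    """Return a record for one hit on the endpoint, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path != ENDPOINT:
        return None
    app = parse_qs(parts.query).get("application", [None])[0]
    return {
        "user": m.group("user"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "app": app,
        "status": int(m.group("status")),
    }


def detect(lines, authorized, max_distinct=5, window=timedelta(seconds=60)):
    """Apply both rules and return a list of alert dicts."""
    alerts = []
    per_user = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        per_user[rec["user"]].append(rec)
        if rec["app"] not in authorized.get(rec["user"], set()):
            alerts.append({"rule": "unauthorized_app", "user": rec["user"],
                           "app": rec["app"], "status": rec["status"]})
    # Rule 2: sliding window over each user's requests, sorted by time;
    # one alert per user, raised on the first window that crosses the threshold.
    for user, recs in per_user.items():
        recs.sort(key=lambda r: r["ts"])
        for i, start in enumerate(recs):
            apps = {r["app"] for r in recs[i:] if r["ts"] - start["ts"] <= window}
            if len(apps) >= max_distinct:
                alerts.append({"rule": "enumeration", "user": user,
                               "distinct_apps": len(apps), "window_s": window.seconds})
                break
    return alerts


def run_sample():
    """Run both rules over the constructed sample log."""
    return detect(SAMPLE_LOG.splitlines(), AUTHORIZED)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

On the sample log this flags alice's five requests for applications she is not assigned to, carol's refused request (a denied attempt, which is what the endpoint should log once patched), and alice's enumeration of six applications inside one minute; bob's single in-scope request and his call to a different endpoint produce nothing.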