CVE-2019-13338 : Security Advisory and Response

Learn about CVE-2019-13338 affecting WESEEK GROWI before version 3.5.0. Understand the impact, exploitation method, and mitigation steps to secure your systems.

WESEEK GROWI before version 3.5.0 allows a remote attacker to obtain the password hash of a page creator through API requests, exploiting wiki access.

Understanding CVE-2019-13338

What is CVE-2019-13338?

In WESEEK GROWI prior to version 3.5.0, attackers can retrieve the password hash of a page creator by leveraging wiki access and making API calls for page metadata.

The Impact of CVE-2019-13338

The vulnerability enables unauthorized access to sensitive password information, compromising user security and potentially leading to unauthorized account access.

Technical Details of CVE-2019-13338

Vulnerability Description

        External attackers can acquire the password hash of a page creator by exploiting wiki access and making API requests.

Affected Systems and Versions

        WESEEK GROWI versions before 3.5.0 are affected by this vulnerability.

Exploitation Mechanism

        Attackers exploit wiki access and utilize API calls to retrieve page metadata, allowing them to obtain the password hash.

Mitigation and Prevention

Immediate Steps to Take

        Upgrade to version 3.5.0 or later to mitigate the vulnerability.
        Monitor access logs for any suspicious activity related to API requests.
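
A response audit that a defender can run over captured page-metadata API responses before and after upgrading to 3.5.0, to confirm that no password hash is returned with the page creator. This is an added example, not code from GROWI or from this advisory; the key names and the sample response are constructed assumptions, not GROWI's actual schema.

```javascript
// Added example: find and strip credential material in a JSON API response.
// Key names and the sample below are constructed; they are not GROWI's real schema.
const SENSITIVE_KEY = /^(pass(word|wd)?(hash)?|pwd|salt|api_?token|secret)$/i;
// Hex digests of MD5/SHA-1/SHA-256/SHA-512 length, or crypt(3)-style "$id$..." strings.
// Value matching can flag other digests (e.g. commit ids); review hits by hand.
const HASH_VALUE =
  /^(?:[a-f0-9]{32}|[a-f0-9]{40}|[a-f0-9]{64}|[a-f0-9]{128}|\$[0-9a-z-]+\$.{20,})$/i;

const isLeak = (key, value) =>
  SENSITIVE_KEY.test(key) || (typeof value === 'string' && HASH_VALUE.test(value));

// Returns the JSON paths of every field that looks like credential material.
function findCredentialFields(node, path = '$', hits = []) {
  if (Array.isArray(node)) {
    node.forEach((item, i) => findCredentialFields(item, `${path}[${i}]`, hits));
  } else if (node !== null && typeof node === 'object') {
    for (const [key, value] of Object.entries(node)) {
      const here = `${path}.${key}`;
      if (isLeak(key, value)) {
        const reason = SENSITIVE_KEY.test(key) ? 'sensitive key name' : 'value looks like a hash';
        hits.push({ path: here, reason });
      } else {
        findCredentialFields(value, here, hits);
      }
    }
  }
  return hits;
}

// Returns a deep copy with flagged fields removed; the input is not modified.
function stripCredentialFields(node) {
  if (Array.isArray(node)) return node.map(stripCredentialFields);
  if (node === null || typeof node !== 'object') return node;
  return Object.fromEntries(
    Object.entries(node)
      .filter(([key, value]) => !isLeak(key, value))
      .map(([key, value]) => [key, stripCredentialFields(value)]));
}

// Constructed sample of a page-metadata response that embeds full user records.
const vulnerableResponse = {
  ok: true,
  page: {
    _id: '5d1f0c2e9b1e8a0012345678',
    path: '/team/notes',
    creator: { username: 'alice', name: 'Alice', password: 'a'.repeat(64) },
    lastUpdateUser: { username: 'bob', digest: '0123456789abcdef'.repeat(4) },
  },
};
console.log(findCredentialFields(vulnerableResponse));
```

An empty result from `findCredentialFields` on responses captured after the upgrade is the expected outcome; any hit on a creator or user object warrants rotating the affected passwords.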

Long-Term Security Practices

        Implement strong password policies and encourage users to use unique, complex passwords.
        Regularly review and update access controls to prevent unauthorized access.

Patching and Updates

        Apply security patches promptly to ensure protection against known vulnerabilities.
