The following is a list of vulnerabilities in TARGIT:
XML parser allows loading of external entities (XXE attack)
Reported on 12 August 2024 and not registered in the NVD.
An attacker who can supply XML to the TARGIT XML parser may declare external entities that the parser resolves, gaining unauthorized access to files and resources on the server or causing denial-of-service (DoS) conditions.
Affected versions: The vulnerability affects TARGIT Anywhere in build 24.06.19002 (TARGIT Decision Suite 2024 June) or older.
Mitigation: The vulnerability has been closed in build 24.09.03003 (TARGIT Decision Suite 2024 – September) and future builds.

Fetching files from outside the VFS
Reported on 23 May 2024 and registered in the NVD as CVE-2024-36427.
By prefixing the requested VFS path with //, a client can request files on the server that lie outside the VFS.
Affected versions: The vulnerability affects the TARGIT Server in build 24.05.03003 (TARGIT Decision Suite 2024 April) or older.
Mitigation: The vulnerability has been closed in build 24.06.19002 (TARGIT Decision Suite 2024 – June) and future builds.
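As an added illustration (not TARGIT's own code; the product's real VFS layout is not described in this advisory), the resolver below shows why a leading // escapes a naive path join and how a server-side check should confine client-supplied VFS paths to the VFS root. The root directory and file names are constructed for the example.

```python
import posixpath

# Constructed example root; TARGIT's real VFS layout is not described in the advisory.
VFS_ROOT = "/srv/targit/vfs"


def naive_resolve(vfs_root: str, requested: str) -> str:
    """The pattern that goes wrong: join() drops everything before a component
    that is absolute, and a leading '//' is absolute, so the root is discarded."""
    return posixpath.normpath(posixpath.join(vfs_root, requested))


def safe_resolve(vfs_root: str, requested: str) -> str:
    """Map a client-supplied VFS path onto a path strictly inside vfs_root, or raise."""
    if not requested or "\x00" in requested:
        raise ValueError("empty or NUL-containing VFS path")
    # Clients only ever name paths relative to the VFS root, so any absolute,
    # UNC (//host/share, \\host\share) or drive-letter form is rejected outright.
    rel = requested.replace("\\", "/")
    if rel.startswith("/") or (len(rel) > 1 and rel[1] == ":"):
        raise ValueError(f"absolute path rejected: {requested!r}")
    # Collapse '.' and '..' segments, then refuse anything that still walks upward.
    rel = posixpath.normpath(rel)
    if rel == ".." or rel.startswith("../"):
        raise ValueError(f"traversal rejected: {requested!r}")
    root = posixpath.normpath(vfs_root)
    full = posixpath.normpath(posixpath.join(root, rel))
    # Final containment check on the resolved path, independent of the string filters above.
    if posixpath.commonpath([root, full]) != root:
        raise ValueError(f"escapes VFS root: {requested!r}")
    return full


def is_confined(vfs_root: str, requested: str) -> bool:
    """True when safe_resolve accepts the path; handy for request filtering and logging rejects."""
    try:
        safe_resolve(vfs_root, requested)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for req in ("Reports/./Sales.xview", "//etc/passwd", "Reports/../../secret"):
        print(f"{req!r}: naive -> {naive_resolve(VFS_ROOT, req)}, confined -> {is_confined(VFS_ROOT, req)}")
```

Logging every rejected path from is_confined gives a cheap detection signal for probing of this bug class on older builds.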

Exposed session tokens
Reported on 21 May 2024 and registered in the NVD as CVE-2024-36426.
Many of the functions in TARGIT Anywhere pass the SessionID in the URL, e.g. “/anywhere/Session/GetExisting?session=f45b1c58-274c-488c-81e7-7ac948bfee7d”. This is a security risk because URLs are stored in browser history, can be shared by accident, or can be intercepted in transit, allowing an attacker to hijack another user's session.
Affected versions: The vulnerability only affects TARGIT Anywhere in build 23.02.15012 (TARGIT Decision Suite 2022 Winter Update 2) or older.
Mitigation: The vulnerability has been closed in build 23.08.31502 (TARGIT Decision Suite 2023 – August) and future builds.