CVE-2022-25152
ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
ITarian - Any user with a valid session token can create and execute agent procedures and bypass mandatory approvals
| Assigner | DIVD |
| Reserved | 2022-02-14 |
| Published | 2022-06-08 |
| Updated | 2024-09-17 |
The ITarian platform (SAAS / on-premise) offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability in the approval process, present in any version prior to 6.35.37347.20040, a malicious actor (with a valid session token) can create a procedure, bypass approval, and execute the procedure. This results in the ability for any user with a valid session token to perform arbitrary code execution and full system take-over on all agents.
| CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
This issue was discovered by Wietse Boonstra & Hidde Smit of DIVD.
https://csirt.divd.nl/DIVD-2021-00037
https://csirt.divd.nl/CVE-2022-25152
