Salesforce Applications Vulnerability Let Attackers Takeover The Accounts
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
A recent penetration test conducted on Salesforce Communities revealed critical vulnerabilities that could allow attackers to take over user accounts.
The security assessment, performed on multiple Salesforce instances, uncovered several issues related to misconfigured objects and broken access controls.
The investigation found that many standard and custom Salesforce objects were improperly configured, allowing unauthorized access to sensitive data.
0xbro researchers observed that this level of access could provide attackers with a wealth of information for further exploitation or social engineering attacks.
.webp)
Salesforce Overview (Source – 0xbro)
Technical Analysis
The researcher discovered that certain object IDs could be used to directly download files that were meant to be restricted.
The most severe finding was a broken access control issue in a custom Apex controller named CA_ChangePasswordSettingController.
This controller exposed a resetPassword method that only required two parameters:-
Alarmingly, this method did not require the user’s current password or any form of authentication token. An attacker with knowledge of a user’s ID could potentially reset any account’s password, leading to full account takeover.
The researcher was able to demonstrate the severity of this vulnerability by:-
This vulnerability essentially bypassed all intended security measures for password resets, putting every user account at risk of unauthorized access.
Here below we have mentioned all the recommendations:-
This incident highlights the importance of rigorous security testing for Salesforce implementations, especially when dealing with custom development and complex permission models.
Organizations using Salesforce should prioritize regular security assessments to identify and mitigate such vulnerabilities before they can be exploited by malicious actors.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Salesforce Applications Vulnerability Let Attackers Takeover The Accounts
Author: Tushar Subhra DuttaA recent penetration test conducted on Salesforce Communities revealed critical vulnerabilities that could allow attackers to take over user accounts.
The security assessment, performed on multiple Salesforce instances, uncovered several issues related to misconfigured objects and broken access controls.
The investigation found that many standard and custom Salesforce objects were improperly configured, allowing unauthorized access to sensitive data.
- Customer PII from Contact objects
- Account information including names, emails, and IDs
- Personal notes from Note objects
- Exposed files from Document, ContentDocument, and ContentVersion objects
- Calendar events and other sensitive data from various objects
0xbro researchers observed that this level of access could provide attackers with a wealth of information for further exploitation or social engineering attacks.
Salesforce Overview (Source – 0xbro)Technical Analysis
The researcher discovered that certain object IDs could be used to directly download files that were meant to be restricted.
The most severe finding was a broken access control issue in a custom Apex controller named CA_ChangePasswordSettingController.
This controller exposed a resetPassword method that only required two parameters:-
- userID
- newPassword
Alarmingly, this method did not require the user’s current password or any form of authentication token. An attacker with knowledge of a user’s ID could potentially reset any account’s password, leading to full account takeover.
The researcher was able to demonstrate the severity of this vulnerability by:-
- Extracting user IDs from the exposed User object
- Crafting a request to the vulnerable resetPassword method
- Successfully changing a test user’s password without proper authentication
This vulnerability essentially bypassed all intended security measures for password resets, putting every user account at risk of unauthorized access.
Here below we have mentioned all the recommendations:-
- Conduct a thorough review of object and field-level security settings
- Implement proper authentication checks for all password reset functionalities
- Restrict access to sensitive API endpoints and file download routes
- Regularly audit custom Apex controllers for security issues
- Implement strong input validation and access controls on all custom methods
This incident highlights the importance of rigorous security testing for Salesforce implementations, especially when dealing with custom development and complex permission models.
Organizations using Salesforce should prioritize regular security assessments to identify and mitigate such vulnerabilities before they can be exploited by malicious actors.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
