CVE-2022-27968
Description
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cynet 360 Web Portal before v4.5 exposes a list of monitored files and profiles via a crafted GET request.
Vulnerability
A crafted GET request sent to the /WebApp/SettingsFileMonitor/GetFileMonitorProfiles endpoint in Cynet 360 Web Portal before v4.5 allows an attacker to enumerate file monitoring profiles and associated file paths without proper authorization [1]. The vulnerability exists due to missing access controls on this API endpoint.
Exploitation
An attacker can exploit this by sending a direct GET request to the vulnerable endpoint. No authentication or special privileges are required; the attacker only needs network access to the Cynet 360 Web Portal. The response contains the list of file monitor profiles and monitored file paths [1].
Impact
Successful exploitation results in unauthorized information disclosure of file monitoring configurations. This can provide an attacker with insight into which files are being monitored by the security platform, potentially revealing sensitive file paths or system configurations that could be targeted in further attacks [1].
Mitigation
Upgrade to Cynet 360 Web Portal v4.5 or later, which addresses this issue [1]. No workaround is mentioned in the available references.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Cynet/360 Web Portal
- Range: <4.5
Patches
No patches discovered yet.
References
- www.cynet.com/platform/ (mitre, x_refsource_MISC)
- www.srlabs.de/bites/edr-security (mitre, x_refsource_MISC)