CVE-2023-7240
Description
An improper authorization level has been detected in the login panel. It may lead to unauthenticated Server Side Request Forgery and allows open services enumeration. The server makes a query to the provided server (the Server IP/DNS field), which triggers a connection to an arbitrary address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An improper authorization flaw in NetIQ Identity Console's login panel allows unauthenticated SSRF, enabling attackers to enumerate open services.
Vulnerability
An improper authorization level was discovered in the login panel of NetIQ Identity Console. This flaw allows an unauthenticated attacker to trigger a Server Side Request Forgery (SSRF) by supplying a server address in the Server IP/DNS field. The application then makes a connection to arbitrary addresses, bypassing proper access controls [1].
Exploitation
No authentication is required to reach the vulnerable login panel. An attacker can simply submit a crafted request containing a target host (internal or external) in the login form's server field. The Identity Console server will then attempt an outbound connection to that address, effectively performing an open service enumeration [1].
Impact
Successful exploitation enables the attacker to probe networks for open services, potentially mapping internal infrastructure or accessing services that are not otherwise reachable. The SSRF can be used to scan for active hosts and ports, revealing sensitive information about the network environment [1].
Mitigation
The vulnerability has been resolved in NetIQ Identity Console version 1.7 Service Pack 2 (1.7.2). Organizations running earlier versions should upgrade to this release or later to eliminate the risk of unauthenticated SSRF [1].
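A detection sketch for the enumeration behaviour described above, added here as an example and not taken from the advisory or the vendor: it flags time windows in which the console host connects to many destinations other than its expected directory servers. The log format, the backend allowlist and the threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict
import ipaddress

# Assumption: directory servers the console is expected to reach (hypothetical values).
ALLOWED_BACKENDS = {("10.20.0.5", 636), ("10.20.0.6", 636)}
# Assumption: distinct unexpected destinations per window that count as enumeration.
ENUM_THRESHOLD = 5

# Constructed egress records from the console host: "epoch dst_ip dst_port result"
SAMPLE_LOG = """\
1700000000 10.20.0.5 636 established
1700000002 10.20.0.9 22 refused
1700000004 10.20.0.9 80 established
1700000006 10.20.0.9 443 refused
1700000008 10.20.0.9 3306 timeout
1700000010 10.20.0.10 22 established
1700000012 10.20.0.10 8080 refused
1700000400 10.20.0.6 636 established
1700000410 10.20.0.7 636 refused
garbage line
"""

def parse(line):
    ts, dst, port, result = line.split()  # ValueError if field count is wrong
    ipaddress.ip_address(dst)             # ValueError if the address is malformed
    return int(ts), dst, int(port), result

def find_enumeration(log_text, window=60):
    """Return one alert per fixed window with >= ENUM_THRESHOLD distinct
    destinations that are not known directory backends."""
    buckets = defaultdict(dict)
    for line in log_text.splitlines():
        try:
            ts, dst, port, result = parse(line)
        except ValueError:
            continue  # skip blank or malformed records
        if (dst, port) in ALLOWED_BACKENDS:
            continue  # normal login traffic to the directory
        buckets[ts // window * window][(dst, port)] = result
    alerts = []
    for start in sorted(buckets):
        targets = buckets[start]
        if len(targets) >= ENUM_THRESHOLD:
            reachable = sorted(t for t, r in targets.items() if r == "established")
            alerts.append({"window_start": start,
                           "distinct_targets": len(targets),
                           "reachable": reachable})
    return alerts
```

A single connection to an unexpected address (such as a mistyped server in the sample's second window) stays below the threshold; tune the window and threshold to the console's normal login volume.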
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 1
News mentions: 0
No linked articles in our index yet.