One of our security team member was successful in accessing critical AEM nodes by bypassing dispatcher using this special encoding technique that uses ASCII code for the } character (Example: * /.%7D./.%7D./.%7D./.%7D./.%7D./)
To bypass authentication they downloaded an auth certificate using this vulnerability.
We were able to address this by adding few entries in dispatcher filters.
But we are not able to understand why ' } ' worked as valid bypass?
Solved! Go to Solution.
Views
Replies
Total Likes
Hi,
The specific reason why '}' worked as a valid bypass would require further investigation into the specific vulnerabilities present in your AEM implementation and the encoding technique being used.
However, It could be related to how the application interprets or mishandles special characters in certain contexts.
Hi,
The specific reason why '}' worked as a valid bypass would require further investigation into the specific vulnerabilities present in your AEM implementation and the encoding technique being used.
However, It could be related to how the application interprets or mishandles special characters in certain contexts.
Hi @ManviSharma
Is there a fix to circumvent this? This looks like an Adobe OOTB issue and multiple clients are having to figure temporary workarounds to fix this
Devanshi
Views
Replies
Total Likes
Views
Likes
Replies