Title: IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration
Advisory ID: ZSL-2021-5658
Type: Local/Remote
Impact: Exposure of Sensitive Information
Risk: (2/5)
Release Date: 28.07.2021

Summary

IntelliChoice is a United States software company that was founded in 2003, and offers a software title called eFORCE Software Suite. eFORCE Software Suite is law enforcement software, and includes features such as case management, court management, crime scene management, criminal database, dispatching, evidence management, field reporting, scheduling, court management integration, certification management, and incident mapping. With regards to system requirements, eFORCE Software Suite is available as SaaS, Windows, iPhone, and iPad software.

Description

The weakness is caused due to the login script and how it verifies provided credentials. Attacker can use this weakness to enumerate valid users on the affected application via 'ctl00$MainContent$UserName' POST parameter.

Vendor

IntelliChoice, Inc. - https://www.eforcesoftware.com

Affected Version

2.5.9.6
2.5.9.5
2.5.9.3
2.5.9.2
2.5.9.1
2.5.8.0
2.5.7.20
2.5.7.18
2.5.6.18
2.5.4.6
2.5.3.11

Tested On

Microsoft-IIS/10.0
Microsoft-IIS/8.5
ASP.NET/4.0.30319

Vendor Status

[03.05.2021] Vulnerability discovered.
[15.07.2021] Vendor contacted.
[27.07.2021] No response from the vendor.
[28.07.2021] Public security advisory released.

PoC

eforce_usrenum.txt

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] https://www.exploit-db.com/exploits/50164
[2] https://packetstormsecurity.com/files/163705/
[3] https://cxsecurity.com/issue/WLB-2021070171
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/206479

Changelog

[28.07.2021] - Initial release
[30.07.2021] - Added reference [1] and [2]
[02.08.2021] - Added reference [3] and [4]

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk