21 Oct 2020 12:15
The REST Service of the Report Server returns Error Stack Traces in the responses
We have done a security analysis and we found that there are some vulnerabilities with the default Telerik reports project as below.
Poor Error Handling: Unhandled exception
Error pages containing stack traces were found on these pages:
https://reports.abc.com/Account/ForgotPassword POST parameters: __RequestVerificationToken, Email
https://reports.abc.com/Account/Login POST parameters: __RequestVerificationToken, Username, Password, RememberMe, ReturnUrl
https://reports.abc.com/api/reportserver/documents/C$39cae14f81d$9809a8279f1$72d6f30af5b7ed1809a23e
Stack traces are call chains of line-numbered source code that usually result from unhandled exceptions. Unhandled exceptions are circumstances in which the application has received user input that it did not expect and doesn't know how to deal with. In many cases, an attacker can leverage the conditions that cause these errors in order to gain unauthorized access to the system. Recommendations include designing and adding consistent error-handling mechanisms that are capable of handling any user input to your web application, providing meaningful detail to end-users, and preventing error messages that might provide information useful to an attacker from being displayed.
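As an added example (not part of the original post or of the Report Server code), a small Python regression check that flags .NET stack-trace signatures in HTTP response bodies, so a fix to the error handling can be verified after each deployment; the endpoint names, response bodies and correlation id below are constructed samples, not captures from the reported server:

```python
from __future__ import annotations
import re

# Signatures of an ASP.NET/.NET stack trace leaking into a response body (general shape only).
STACK_TRACE_PATTERNS = [
    # Frame lines: "   at Namespace.Type.Method(args) in C:\path\File.cs:line 42"
    re.compile(r"^\s+at [\w.`<>$]+\(.*\)( in .+:line \d+)?\s*$", re.MULTILINE),
    # Fully qualified exception type names such as System.NullReferenceException
    re.compile(r"\bSystem\.[\w.]*Exception\b"),
    # Title of the default ASP.NET error page
    re.compile(r"Server Error in '.*' Application"),
    # Web API error-detail fields emitted when error detail is not restricted
    re.compile(r'"(StackTrace|ExceptionMessage|ExceptionType)"\s*:'),
]

def leaks_stack_trace(body: str) -> list[str]:
    """Return the patterns that matched; an empty list means no leak was detected."""
    return [pat.pattern for pat in STACK_TRACE_PATTERNS if pat.search(body)]

def check_responses(responses: dict[str, str]) -> dict[str, list[str]]:
    """Map each endpoint to its matched patterns, keeping only endpoints that leak."""
    findings = {}
    for endpoint, body in responses.items():
        hits = leaks_stack_trace(body)
        if hits:
            findings[endpoint] = hits
    return findings

# Constructed sample responses (hypothetical; not captured from any real server).
SAMPLE_RESPONSES = {
    # Web API JSON error carrying full exception detail: leaks
    "POST /Account/Login": (
        '{"Message":"An error has occurred.",'
        '"ExceptionType":"System.NullReferenceException",'
        '"StackTrace":"   at ReportServer.Web.AccountController.Login(LoginModel m)"}'
    ),
    # Default ASP.NET HTML error page with a raw trace: leaks
    "POST /Account/ForgotPassword": (
        "<title>Server Error in '/' Application.</title>\n"
        "   at ReportServer.Web.AccountController.ForgotPassword(String email)\n"
        "   at System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase c, Object[] p)\n"
    ),
    # Generic error body with a correlation id for server-side log lookup: clean
    "GET /api/reportserver/documents/DOC_ID_PLACEHOLDER": (
        '{"message":"The request could not be processed.","correlationId":"CONSTRUCTED-0001"}'
    ),
}
if __name__ == "__main__":
    for endpoint, hits in check_responses(SAMPLE_RESPONSES).items():
        print(f"{endpoint}: leaks stack trace ({len(hits)} signature(s) matched)")
```

The clean sample shows the shape a hardened response should take: a generic message plus an opaque correlation id that maps to the full exception in server-side logs.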