Two vulnerabilities were discovered by researchers in Zendesk Explore security. An adversary could potentially leak customer information by exploiting these flaws. Vendors patched the vulnerabilities before malicious exploits, protecting users.
Zendesk Examines Vulnerabilities
A recent by Varonis Threat Labs revealed that their researchers discovered multiple security flaws in Zendesk Explore.
In particular, Zendesk’s Explore service provides a dedicated analytics and reporting solution. It facilitates customer support. Any vulnerabilities in the service could have a direct impact on customers’ data, as it directly supports customer support. Researchers have described the possible impact of an exploit in their report.
This flaw could have enabled threat actors access to conversations, emails addresses and tickets from Zendesk accounts that had Explore enabled.
The first security hole in Zendesk Discover is an SQL injection. Varonis researchers were able to exploit this flaw and extract the table list from the RDS instance of the platform. They also managed to exfiltrate the data stored in the database.
They then reported a second problem, a logical accessibility flaw. The flaw, which was caused by the inability to execute queries at the API, allowed researchers to alter the documents and expose the ‘inner workings’ of the system.
Researchers also noticed that the IDs “query”, “datasources”, and “cubeModels,” were not being assigned to the current user. Another flaw, which had a more serious impact on . It was stated that
API caller did not have permission to execute queries and access the database. A new end-user can invoke the API to modify the query and steal data from the target Zendesk account’s RDS. No SQLi is required.
These vulnerabilities could be exploited by an attacker simply by registering with Zendesk’s ticketing system. Zendesk Explore doesn’t automatically turn on, but new registrations are enabled by default. This increases the risk of systems that have Explore turned on.
Varonis researchers discovered the bug and contacted Zendesk representatives. Zendesk responded quickly to fix the flaws and prevent any security risk associated with possible exploits.
Researchers confirm patches and assure customers that they are safe.
We would love to hear your comments.