CVE Radar


CVE-2024-50967

Severity: High
SVRS: 61
CVSSv3: 6.5
EPSS: 0.01616
Tags: In The Wild
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Publication date: 2025-01-17
Last modified: 2025-02-04

Security Intelligence Brief

1. What is this vulnerability and why does it matter?
This vulnerability, identified as CVE-2024-50967, is an Incorrect Access Control issue affecting the /rest/rights/ REST API endpoint in Becon DATAGerry. It matters because it allows an attacker to remotely access this specific endpoint without any authentication, leading to the unauthorized disclosure of sensitive information.
2. What are the CVSS score, severity level, and disclosure details?
The CVSS score for this vulnerability is 6.5, which typically translates to a Medium severity level. The vulnerability was published on January 17, 2025, and last modified on February 4, 2025.
3. Which products, vendors, systems, and versions are affected?
This vulnerability affects Becon DATAGerry systems up to and including version 2.2.0.
4. What is the technical root cause and attack vector?
The technical root cause is an Incorrect Access Control (CWE-862) implementation on the /rest/rights/ REST API endpoint. The attack vector involves remote access to this endpoint, which does not properly enforce authentication, allowing unauthenticated users to interact with it.
5. How can this vulnerability be exploited?
This vulnerability can be exploited by an attacker by simply making a remote request to the /rest/rights/ REST API endpoint of a vulnerable Becon DATAGerry instance without providing any authentication credentials. The lack of proper access control will grant the attacker unauthorized access to the information exposed by this endpoint.
6. What mitigation steps and patches are available?
Specific mitigation steps and patches are not detailed in the provided CVE data. It is strongly recommended to check vendor advisories from Becon for DATAGerry to obtain official patches or workarounds. General mitigation strategies would include implementing robust access control mechanisms, ensuring all API endpoints require proper authentication and authorization, and restricting network access to sensitive API endpoints where possible.
7. How can vulnerable systems be detected?
Vulnerable systems can be detected by checking the version of Becon DATAGerry currently in use. Systems running version 2.2.0 or earlier are susceptible. Additionally, a proof-of-concept could involve attempting to access the /rest/rights/ endpoint without authentication and observing if sensitive information is disclosed.
8. What are the indicators of compromise (IOCs)?
Indicators of Compromise (IOCs) for this vulnerability would include:
  • Access-log entries for the /rest/rights/ endpoint from external or unauthenticated sources that cannot otherwise be explained.
  • Unusual data transfers or exfiltration from the DATAGerry system.
  • Anomalous behavior or errors originating from the /rest/rights/ API.
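As an added example (not code from the CVE Radar page or from the DATAGerry project), the version check from item 7 and the first indicator from item 8 are combined into a small triage script. It assumes DATAGerry sits behind a reverse proxy writing combined-format access logs in which the remote-user field is filled in for authenticated sessions; the log lines and addresses are constructed for the example.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
10.0.0.12 - alice [17/Jan/2025:10:01:02 +0000] "GET /rest/rights/ HTTP/1.1" 200 8421 "-" "Mozilla/5.0"
203.0.113.7 - - [17/Jan/2025:10:03:15 +0000] "GET /rest/rights/ HTTP/1.1" 200 8421 "-" "python-requests/2.31"
203.0.113.7 - - [17/Jan/2025:10:03:20 +0000] "GET /rest/objects/ HTTP/1.1" 401 42 "-" "python-requests/2.31"
10.0.0.15 - - [17/Jan/2025:10:05:00 +0000] "GET /rest/rights/ HTTP/1.1" 200 8421 "-" "curl/8.4"
"""

# Fields of the combined log format that matter for this check.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# Assumed internal ranges; adjust to the deployment.
INTERNAL = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]


def is_vulnerable_version(version: str) -> bool:
    """DATAGerry up to and including 2.2.0 is affected (assumes dotted numeric versions)."""
    parts = tuple(int(p) for p in version.split("."))
    return parts <= (2, 2, 0)


def find_unauthenticated_rights_access(log_text: str):
    """Return (ip, timestamp, external) for successful /rest/rights/ requests
    that carry no authenticated user identity in the log."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith("/rest/rights/"):
            continue
        if m["user"] != "-" or m["status"] != "200":
            continue  # authenticated session, or request was rejected
        src = ip_address(m["ip"])
        external = not any(src in net for net in INTERNAL)
        hits.append((m["ip"], m["ts"], external))
    return hits


if __name__ == "__main__":
    print("vulnerable build:", is_vulnerable_version("2.2.0"))
    for ip, ts, external in find_unauthenticated_rights_access(SAMPLE_LOG):
        print(f"{ts} {ip} unauthenticated /rest/rights/ hit (external={external})")
```

Internal unauthenticated hits are reported too, since the page's mitigation advice covers authorization on the endpoint itself, not only network restriction.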
9. Which threat actors are known to exploit this vulnerability?
The provided CVE data does not specify any known threat actors currently exploiting this vulnerability.
10. What public intelligence references and advisories exist?
The primary public intelligence reference for this vulnerability is CVE-2024-50967. Further advisories would typically be published by the vendor, Becon, through their security bulletin or support channels.
11. What is the risk assessment and urgency level?
With a CVSS score of 6.5, this vulnerability is classified as Medium severity. The risk is significant due to the potential for unauthorized disclosure of sensitive information without authentication. This type of vulnerability can lead to data breaches, compliance violations, and reputational damage. Therefore, the urgency level for addressing this vulnerability is high, especially for systems exposing the DATAGerry application to untrusted networks. Immediate action should be taken to assess exposure and apply any available patches or mitigations.

References
https://github.com/0xByteHunter/CVE-2024-50967
https://medium.com/@0xbytehunter/my-first-cve-discovery-of-broken-access-control-in-the-datagerry-platform-7b0404f88a43
https://datagerry.readthedocs.io/en/latest/api/rest/user-management.html#rights
CWE ID: CWE-862
CWE Name: Missing Authorization
Description: The software does not perform an authorization check when an actor attempts to access a resource or perform an action.