Thursday, November 10, 2016
TCS INFORMATION DISCLOSURE VULNERABILITY
TCS INFORMATION DISCLOSURE VULNERABILITY
http://m14hackersworld.blogspot.com
TCS INFORMATION DISCLOSURE VULNERABILITY
TCS Information Disclosure Vulnerability
India Indias leading software services and consulting company TCS (Tata Consultancy Services) is not Secure and is Vulnerable to Information Disclosure of Server private IP Address. This Vulnerability is disclosed amd reported by Christy Philip Mathew, an Information Security researcher from India.
Vulnerable link - " https://supportcentral.tcs.com/login/ " when a user will open Vulnerable URL, TCS domain will redirect that user to :
" https://supportcentral.tcs.com/login/scauth.asp?SC_URL=https%3A%2F%2Fsupportcentral.tcs.com%2Fsup_page_not_found.asp%3F404%3Bhttps%3A%2F%2F192.168.15.51%3A443%2Flogin%2F%27 "
and after analysing the above REDIRECTED URL carefully there is a Servers Private IP Address i.e 192.168.15.51 which can lead to many attacks and can make network Vulnerable.
TCS INFORMATION DISCLOSURE VULNERABILITY
TCS Information Disclosure Vulnerability
India Indias leading software services and consulting company TCS (Tata Consultancy Services) is not Secure and is Vulnerable to Information Disclosure of Server private IP Address. This Vulnerability is disclosed amd reported by Christy Philip Mathew, an Information Security researcher from India.
Vulnerable link - " https://supportcentral.tcs.com/login/ " when a user will open Vulnerable URL, TCS domain will redirect that user to :
" https://supportcentral.tcs.com/login/scauth.asp?SC_URL=https%3A%2F%2Fsupportcentral.tcs.com%2Fsup_page_not_found.asp%3F404%3Bhttps%3A%2F%2F192.168.15.51%3A443%2Flogin%2F%27 "
and after analysing the above REDIRECTED URL carefully there is a Servers Private IP Address i.e 192.168.15.51 which can lead to many attacks and can make network Vulnerable.
Available link for download
