Situation
There is a critical IDOR (insecure direct object reference) vulnerability in Comet Backup affecting all versions from 20.11.0 to 26.1.1, and 26.2.1. The vulnerability allowed a tenant administrator to impersonate any end-user account belonging to other tenants on the same server via a vulnerable API call.
Impact
Cross-tenant account takeover is possible. Any tenant administrator could impersonate any end-user account of other tenants.
Call to action
Comet Hosted servers have already been upgraded. No action is required for Comet Hosted administrators.
For self-hosted instances, update Comet Backup to 26.1.2, 26.2.2 or later, available from:
https://account.cometbackup.com/downloads
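As an added example (not Comet's own tooling), a small Python check that classifies a self-hosted server's version string against the affected ranges stated in this advisory and names the fixed release on the same branch; the functions and the sample inventory are constructed for illustration and encode only the ranges listed above.

```python
# Added example: classify a Comet Backup version string against the
# affected ranges stated in this advisory (20.11.0 through 26.1.1, and
# 26.2.1). Fixed releases are 26.1.2 and 26.2.2 or higher. Versions the
# advisory does not name (e.g. 26.2.0) are treated as not affected,
# because only the advisory's own ranges are encoded here.
from typing import Dict, Iterable, Tuple

Version = Tuple[int, int, int]

def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH' into a comparable tuple; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)

# Ranges copied from the advisory text above.
AFFECTED_START: Version = (20, 11, 0)
AFFECTED_END: Version = (26, 1, 1)
AFFECTED_SINGLE: Version = (26, 2, 1)

def is_affected(text: str) -> bool:
    """True if the version falls in a range the advisory names as vulnerable."""
    v = parse_version(text)
    return AFFECTED_START <= v <= AFFECTED_END or v == AFFECTED_SINGLE

def recommended_upgrade(text: str) -> str:
    """Name the fixed release on the same branch as the running version."""
    v = parse_version(text)
    if not is_affected(text):
        return "no upgrade required by this advisory"
    # 26.2.1 sits on the 26.2 branch; every other affected version is <= 26.1.1.
    return "26.2.2" if v[:2] == (26, 2) else "26.1.2"

def triage(versions: Iterable[str]) -> Dict[str, Tuple[bool, str]]:
    """Return {version: (affected, advice)} for an inventory of version strings."""
    return {t: (is_affected(t), recommended_upgrade(t)) for t in versions}

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = ["20.10.9", "20.11.0", "25.6.3", "26.1.1", "26.1.2", "26.2.1", "26.2.2", "26.3.0"]
    for ver, (hit, advice) in triage(sample).items():
        print(f"{ver:>8}: {'AFFECTED' if hit else 'ok      '} {advice}")
```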
Acknowledgements
We would like to thank A Security for responsibly disclosing this vulnerability and working with us to help protect our customers.