CVE-2024-36042: 
Java vulnerability analysis and mitigation

A critical authentication bypass vulnerability (CVE-2024-36042) was discovered in Silverpeas versions before 6.3.5. The vulnerability was identified on December 5, 2024, and allows attackers to bypass authentication by simply omitting the Password field in requests to AuthenticationServlet, potentially gaining superadmin access to the system (GitHub Gist). The vulnerability has been assigned a CVSS v3.1 base score of 9.8 CRITICAL (NVD).

The vulnerability stems from a flaw in how the application handles different login methods. When authenticating, if the password form field is omitted from the request, the application incorrectly assumes it's a SSO-based login where no password is required. This allows attackers to authenticate as any valid user, including the default superadmin account 'SilverAdmin', by simply sending a POST request to /silverpeas/AuthenticationServlet with only the Login and DomainId parameters (GitHub Gist). The vulnerability is classified as CWE-288: Authentication Bypass Using an Alternate Path or Channel (NVD).

The exploitation of this vulnerability can lead to complete system compromise as it allows unauthenticated attackers to gain superadmin access to the Silverpeas application. This level of access typically grants full control over the system's configuration, user management, and data (GitHub Gist).

The vulnerability has been fixed in Silverpeas version 6.3.5 through a patch that properly handles authentication methods. The fix involves setting and checking a 'remotely authenticated' flag rather than just checking if the password value is null. Organizations running affected versions should upgrade to version 6.3.5 or later immediately (GitHub Gist, Silverpeas Tags).