# SonarQube api 信息泄露漏洞 CVE-2020-27986

## 漏洞描述

SonarQube 某接口存在信息泄露漏洞，可以获取部分敏感信息

## 漏洞影响

> [!NOTE]
>
> SonarQube

## FOFA

> [!NOTE]
>
> app="sonarQube-代码管理"

## 漏洞复现

主页如下

![image-20210627221618861](http://wikioss.peiqi.tech/vuln/image-20210627221618861.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)

漏洞POC

```
http://xxx.xxx.xxx.xxx/api/settings/values
```

![image-20210627221628431](http://wikioss.peiqi.tech/vuln/image-20210627221628431.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)

可泄露的为：明文SMTP、SVN和Gitlab等敏感信息

![image-20210627221640310](http://wikioss.peiqi.tech/vuln/image-20210627221640310.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)

## Goby & POC

> [!NOTE]
>
> SonarQube api Information leakage

![image-20210627221650998](http://wikioss.peiqi.tech/vuln/image-20210627221650998.png?x-oss-process=image/auto-orient,1/quality,q_90/watermark,image_c2h1aXlpbi9zdWkucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTQvYnJpZ2h0LC0zOS9jb250cmFzdCwtNjQ,g_se,t_17,x_1,y_10)