usd-2025-0023 | Agorum core open 11.9.1.3-1857 - Plaintext Storage of a Password
Product: Agorum core open
Affected Version: 11.9.1.3-1857
Vulnerability Type: Plaintext Storage of a Password (CWE-256)
Security Risk: High
Vendor: Agorum
Vendor URL: https://www.agorum.com/
Vendor acknowledged vulnerability: Yes
Vendor Status: Fixed
CVE Number: Requested
CVE Link: Requested
Advisory ID: usd-2025-0023
Description
agorum core is an open-source Enterprise Content Management (ECM) system developed by agorum Software GmbH in Germany. It offers a modular, highly customizable platform for document management, workflow automation, and digital collaboration.
Proof of Concept
During the installation process, the system administrator must define passwords for the mainadmin, demo, and database users. Upon successful installation, a datasheet will be created in the agorumcore/doc directory. The agorum-core-datasheet.txt contains the previously defined passwords in plaintext:
Datasheet agorum core:
Directories and Scripts:
Installdirectory:
/opt/agorum/agorumcore
Backupdirectory:
/opt/agorum/agorumcore/backup
Start-/Stop- agorum core:
/opt/agorum/agorumcore/scripts/agorumcore start/stop
Backup-Script:
/opt/agorum/agorumcore/scripts/agorumcorebackup
Access/Protocols:
Web-Portal (secure):
https://172.17.0.1:443
Web-Portal (unsecure):
http://172.17.0.1:81
Networkdrive (DMS Filearea):
\\172.17.0.1\dms
Networkdrive (My area):
\\172.17.0.1\private
FTP Access:
172.17.0.1:21
IMAP-Interface:
172.17.0.1:143
SMTP-Interface:
172.17.0.1:2501
Mail-Domain:
agorumcore.com
SMTP-Server:
localhost:25
SMTP-User:
SMTP-Password:
Access data agorum core:
Username (Mainadmin):
roi
Password (Mainadmin: roi):
Changeme123456
Username (Demo):
demo
Password (Demo):
demo
Access database (mysql):
database-Username: root
database-Password: Changeme123456
database-Host: localhost
database-Port: 3306
Miscellaneous Ports:
agorum core SessionUnlock Port: 17676
JBoss RMI Port: 31098
JBoss JNP Port: 31099
JBoss RMI-Object Port: 34444
JBoss Pooled-Invoker Port: 34445
JBoss WebService Port: 38083
JBoss UIL2 Port: 38093
OpenOffice Port: 8100
Storing passwords in plaintext poses a significant security risk, particularly when combined with other vulnerabilities. This practice exposes sensitive user credentials to unauthorized access and can lead to a range of severe consequences, especially when attackers can easily exploit other vulnerabilities without needing authentication.
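As an added illustration, not part of this advisory or of agorum's software: a small Python audit of the datasheet layout quoted above. It walks the label/value pairs, reports which password fields actually carry a value (an empty SMTP-Password is not flagged) and produces a redacted copy an operator can keep in its place; the embedded sample is constructed with placeholder values, and the file path is whatever is passed on the command line.

```python
import re
import sys

# Constructed sample in the label/value layout of agorum-core-datasheet.txt quoted
# in the advisory; the values are placeholders, not real credentials.
SAMPLE_DATASHEET = """\
Access data agorum core:
Username (Mainadmin):
roi
Password (Mainadmin: roi):
Changeme123456
Password (Demo):
demo
Access database (mysql):
database-Username: root
database-Password: Changeme123456
SMTP-Password:
"""
PASSWORD_KEY = re.compile(r"password", re.IGNORECASE)

def audit_datasheet(text):
    """Return (labels of populated password fields, redacted copy of the text)."""
    lines = [ln.rstrip() for ln in text.splitlines()]
    found, out, i = [], [], 0
    while i < len(lines):
        line = lines[i]
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A label ends in ':' or uses the inline 'key: value' form; anything else is a value.
        if line.endswith(":") and nxt and not (nxt.endswith(":") or ": " in nxt):
            label, value, consumed = line[:-1].strip(), nxt.strip(), [line, nxt]
            i += 1                                              # value taken from the next line
        elif ": " in line and not line.endswith(":"):           # inline 'key: value'
            label, value = (s.strip() for s in line.split(":", 1))
            consumed = [line]
        else:                                                   # section header or empty field
            label, value, consumed = line.rstrip(":").strip(), "", [line]
        if PASSWORD_KEY.search(label) and value:
            found.append(label)
            consumed[-1] = "<REDACTED>" if len(consumed) == 2 else f"{label}: <REDACTED>"
        out.extend(consumed)
        i += 1
    return found, "\n".join(out) + "\n"

if __name__ == "__main__":
    # Pass the installed datasheet's path as argv[1]; otherwise the sample is audited.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_DATASHEET
    labels, redacted = audit_datasheet(text)
    print("populated password fields:", labels)
    print(redacted, end="")
```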
Fix
It is recommended that passwords be securely hashed using strong cryptographic algorithms to ensure they are never stored in plaintext.
Users of agorum core open should upgrade to versions 11.9.2 or 11.10.1.
References
Timeline
- 2025-05-05: First contact request via mail.
- 2025-05-05: The vendor has confirmed the delivery and has begun investigating the matter.
- 2025-05-07: The vendor has begun addressing and fixing the issue.
- 2025-05-15: The vendor has addressed and fixed the vulnerability within the cloud instances.
- 2025-05-30: The vendor released fixed versions 11.9.2 and 11.10.1.
- 2025-06-27: This advisory is published.
Credits
This security vulnerability was identified by Jakob Steeg, Roman Hergenreder, Florian Kimmes, Kai Glauber, DR and Ole Wagner of usd AG.