{ "id": "CVE-2024-34065", "sourceIdentifier": "security-advisories@github.com", "published": "2024-06-12T15:15:51.460", "lastModified": "2024-11-21T09:18:00.980", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Strapi is an open-source content management system. By combining two vulnerabilities (an `Open Redirect` and `session token sent as URL query parameter`) in @strapi/plugin-users-permissions before version 4.24.2, is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click). Unauthenticated attackers can leverage two vulnerabilities to obtain an 3rd party token and the bypass authentication of Strapi apps. Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch." }, { "lang": "es", "value": "Strapi es un sistema de gesti\u00f3n de contenidos de c\u00f3digo abierto. Al combinar dos vulnerabilidades (un `Open Redirect` y un `token de sesi\u00f3n enviado como par\u00e1metro de consulta de URL`) en @strapi/plugin-users-permissions antes de la versi\u00f3n 4.24.2, es posible que un atacante no autenticado evite los mecanismos de autenticaci\u00f3n y recupere the 3rd party tokens. El ataque requiere la interacci\u00f3n del usuario (un clic). Los atacantes no autenticados pueden aprovechar dos vulnerabilidades para obtener un token de terceros y evitar la autenticaci\u00f3n de las aplicaciones Strapi. Los usuarios deben actualizar @strapi/plugin-users-permissions a la versi\u00f3n 4.24.2 para recibir un parche." } ], "metrics": { "cvssMetricV31": [ { "source": "security-advisories@github.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 4.2 }, { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE" }, "exploitabilityScore": 2.8, "impactScore": 5.2 } ] }, "weaknesses": [ { "source": "security-advisories@github.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-294" }, { "lang": "en", "value": "CWE-601" } ] }, { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-294" }, { "lang": "en", "value": "CWE-601" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.24.2", "matchCriteriaId": "D0B5DAE3-AC23-48C9-B266-7315B643700A" } ] } ] } ], "references": [ { "url": "https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc", "source": "security-advisories@github.com", "tags": [ "Exploit", "Vendor Advisory" ] }, { "url": "https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ] } ] }