CVE-2024-34065

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-34065
Strapi is an open-source content management system. By combining two vulnerabilities (an `Open Redirect` and `session token sent as URL query parameter`) in @strapi/plugin-users-permissions before version 4.24.2, is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click). Unauthenticated attackers can leverage two vulnerabilities to obtain an 3rd party token and the bypass authentication of Strapi apps. Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch.

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*
History

26 Sep 2024, 14:55

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.1 		v2 : unknown
v3 : 8.1
First Time Strapi strapi
Strapi
CPE cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*
References () https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc - () https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc - Exploit, Vendor Advisory

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Strapi es un sistema de gestión de contenidos de código abierto. Al combinar dos vulnerabilidades (un `Open Redirect` y un `token de sesión enviado como parámetro de consulta de URL`) en @strapi/plugin-users-permissions antes de la versión 4.24.2, es posible que un atacante no autenticado evite los mecanismos de autenticación y recupere the 3rd party tokens. El ataque requiere la interacción del usuario (un clic). Los atacantes no autenticados pueden aprovechar dos vulnerabilidades para obtener un token de terceros y evitar la autenticación de las aplicaciones Strapi. Los usuarios deben actualizar @strapi/plugin-users-permissions a la versión 4.24.2 para recibir un parche.

12 Jun 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-12 15:15

Updated : 2024-09-26 14:55

NVD link : CVE-2024-34065

Mitre link : CVE-2024-34065

CVE.ORG link : CVE-2024-34065

JSON object : View

Products Affected

strapi

  • strapi
CWE
CWE-294

Authentication Bypass by Capture-replay

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024