CVE-2024-6534

Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover.
References
Link Resource
https://directus.io/ Product
https://fluidattacks.com/advisories/capaldi Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:monospace:directus:10.13.0:*:*:*:*:*:*:*

History

19 Aug 2024, 18:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 4.1
v2 : unknown
v3 : 4.3
CPE cpe:2.3:a:monospace:directus:10.13.0:*:*:*:*:*:*:*
References () https://directus.io/ - () https://directus.io/ - Product
References () https://fluidattacks.com/advisories/capaldi - () https://fluidattacks.com/advisories/capaldi - Third Party Advisory
First Time Monospace
Monospace directus
Summary
  • (es) Directus v10.13.0 permite a un atacante externo autenticado modificar los ajustes preestablecidos creados por el mismo usuario para asignarlos a otro usuario. Esto es posible porque la aplicación solo valida el parámetro de usuario en la solicitud 'POST /presets' pero no en la solicitud PATCH. Cuando se encadena con CVE-2024-6533, podría resultar en una apropiación de la cuenta.

15 Aug 2024, 04:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-15 04:15

Updated : 2024-08-19 18:17


NVD link : CVE-2024-6534

Mitre link : CVE-2024-6534

CVE.ORG link : CVE-2024-6534


JSON object : View

Products Affected

monospace

  • directus
CWE
CWE-639

Authorization Bypass Through User-Controlled Key