Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PKCE downgrade attack in Authentik
Vulnerability Description
Authentik is an open-source Identity Provider. There is a bug in our implementation of PKCE that allows an attacker to circumvent the protection that PKCE offers. PKCE adds the code_challenge parameter to the authorization request and adds the code_verifier parameter to the token request. Prior to 2023.8.7 and 2023.10.7, a downgrade scenario is possible: if the attacker removes the code_challenge parameter from the authorization request, authentik will not do the PKCE check. Because of this bug, an attacker can circumvent the protection PKCE offers, such as CSRF attacks and code injection attacks. Versions 2023.8.7 and 2023.10.7 fix the issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Vulnerability Type
认证机制不恰当
Vulnerability Title
authentik 授权问题漏洞
Vulnerability Description
authentik是authentik开源的一个开源身份提供应用程序。 Authentik 2023.8.7 和 2023.10.7之前版本存在授权问题漏洞,该漏洞源于authentik 的 PKCE中存在安全问题,允许攻击者绕过 PKCE 提供的保护。
CVSS Information
N/A
Vulnerability Type
N/A