habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "website: latest migration to new structure" (#11634)

Browse Source 
Revert "website: latest migration to new structure (#11522)"

This reverts commit 9a89a5f94b.
This commit is contained in:
Tana M Berry
2024-10-08 17:30:50 -05:00
committed by GitHub
parent 9a89a5f94b
commit 6b2fced1b9
336 changed files with 883 additions and 2636 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
website/docs/security/CVE-2024-47077.md Normal file
View File

@ -0,0 +1,25 @@
# CVE-2024-47077
_Reported by [@quentinmit](https://github.com/quentinmit)_
## Insufficient cross-provider token validation during introspection
### Summary
Access tokens issued to one application can be stolen by that application and used to impersonate the user against any other proxy provider. Also, a user can steal an access token they were legitimately issued for one application and use it to access another application that they aren't allowed to access.
### Details
The proxy provider uses `/application/o/introspect/` to validate bearer tokens provided in the `Authorization` header:
The implementation of this endpoint separately validates the `client_id` and `client_secret` (which are that of the proxy provider) and the `token` without validating that they correspond to the same provider.
### Patches
authentik 2024.6.5 and 2024.8.3 fix this issue.
### For more information
If you have any questions or comments about this advisory:
- Email us at [security@goauthentik.io](mailto:security@goauthentik.io)