Authorization Bypass Through User-Controlled Key Affecting directus package, versions <10.13.2
Threat Intelligence
Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-JS-DIRECTUS-7840533
- published28 Aug 2024
- disclosed27 Aug 2024
- creditUnknown
Introduced: 27 Aug 2024
CVE NOT AVAILABLE CWE-639 (opens in a new tab)How to fix?
Upgrade directus to version 10.13.2 or higher.
Overview
directus is a Directus is a real-time API and App dashboard for managing SQL database content.
Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the PATCH /presets endpoint when the application only validates the user parameter in the POST /presets request but not in the PATCH request. An attacker can modify presets created by the same user to assign them to another user by sending a crafted PATCH request with the victim's user ID. This is only exploitable if the attacker has valid authentication credentials and can access the preset ID.