Improper Access Control Affecting causal/oidc package, versions <2.1.0


Severity: medium (CVSS assessment made by Snyk's Security Team)

Exploit Maturity: Proof of Concept

  • Snyk ID: SNYK-PHP-CAUSALOIDC-6516893
  • published: 3 Apr 2024
  • disclosed: 2 Apr 2024
  • credit: Markus Klein

Introduced: 2 Apr 2024

CVE-2024-30173
CWE-284

How to fix?

Upgrade causal/oidc to version 2.1.0 or higher.

Overview

Affected versions of this package are vulnerable to Improper Access Control because the OpenID Connect authentication state is not properly verified for users returned by the user lookup chain. Specifically, the authentication service authenticates any valid frontend user from the user lookup chain as long as the tx_oidc frontend user field is not empty.

Note: This flaw is exploitable in scenarios where either ext:felogin is active or the $GLOBALS['TYPO3_CONF_VARS']['FE']['checkFeUserPid'] is disabled, allowing an attacker to log in to OpenID Connect frontend user accounts by providing a valid username and any password.
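As an added illustration (not code from causal/oidc; the page does not show how version 2.1.0 fixes the issue), a minimal TYPO3-style authUser() written in the vulnerable form described above beside a hardened form. The function names, the $oidcState session shape and the sample user record are assumptions.

```php
<?php
// Added illustration, not the causal/oidc source. Return codes follow the
// TYPO3 authentication-service convention: 200 = authenticated, stop the
// chain; 100 = not responsible, ask the next service; 0 = reject.

// Vulnerable pattern as the advisory describes it: any record the user
// lookup chain returns with a non-empty tx_oidc is accepted. The password
// the visitor typed and the state of the OIDC flow are never consulted.
function authUserVulnerable(array $user): int
{
    return !empty($user['tx_oidc']) ? 200 : 100;
}

// Hardened pattern: accept an OIDC account only when this request completes
// an OIDC login and the subject asserted by the provider matches the record.
// $oidcState stands for what the extension stored in the session at the
// authorization callback (assumed shape, not the project's API).
function authUserHardened(array $user, ?array $oidcState): int
{
    if (empty($user['tx_oidc'])) {
        return 100; // ordinary account: leave it to ext:felogin
    }
    if ($oidcState === null || empty($oidcState['sub'])) {
        return 0;   // OIDC account reached via a password form: reject
    }
    return hash_equals((string) $user['tx_oidc'], (string) $oidcState['sub']) ? 200 : 0;
}

// Constructed sample record, as the lookup chain might return it.
$user = ['uid' => 42, 'username' => 'alice', 'tx_oidc' => 'sub-1234'];

// A password-form login against the OIDC account: no callback in the session.
printf("vulnerable, no OIDC callback: %d\n", authUserVulnerable($user));
printf("hardened,   no OIDC callback: %d\n", authUserHardened($user, null));
// The same account at the end of a genuine OIDC flow, then with a foreign subject.
printf("hardened,   matching subject: %d\n", authUserHardened($user, ['sub' => 'sub-1234']));
printf("hardened,   foreign subject:  %d\n", authUserHardened($user, ['sub' => 'sub-9999']));
```

The hardened variant returns 100 rather than 0 for accounts without tx_oidc so that ext:felogin still handles ordinary password logins, while an OIDC-linked account is only ever accepted at the end of a completed OIDC callback.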

CVSS Scores: version 3.1