In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Improper Authentication vulnerabilities in an interactive lesson.
Start learningUpgrade surrealdb-core
to version 1.5.1 or higher.
Affected versions of this package are vulnerable to Improper Authentication through the use
method or USE
clause. An attacker can impersonate another user and perform unauthorized actions by exploiting identical record identifiers across different databases within the same instance. This is only exploitable if multiple databases in the same SurrealDB instance use explicitly defined or incremental record identifiers to identify users on an identically named table.
This vulnerability can be mitigated by ensuring that table PERMISSIONS
clauses explicitly check that the $scope
parameter matches a scope that is uniquely named across databases in the same SurrealDB instance. Ensuring that record identifiers for users are automatically generated or explicitly generated to be unique across databases may also be sufficient to mitigate this issue, as the $auth
parameter will not link to any user record and any PERMISSIONS
clauses restricting authorization based on the authenticated user should fail to successfully evaluate.