Surrealdb · Surrealdb · CVE-2024-58362
**Name of the Vulnerable Software and Affected Versions**
SurrealDB versions prior to 1.5.5
SurrealDB versions 2.0.0-beta through 2.0.0-beta.2
**Description**
The RPC API accepts arbitrary objects in the signin and signup operations without recursively validating them for non-computed values. When a record access method defines a SIGNIN or SIGNUP query and the RPC API is exposed to untrusted users, an unauthenticated attacker can use the bincode serialization format to supply a binary object containing a subquery instead of credentials. This subquery is executed within the database owner's query under a system user session with the editor role, enabling the attacker to select, create, update, and delete non-IAM resources. The attacker cannot view query results directly or affect IAM (Identity and Access Management) resources, as those require the owner role.
**Recommendations**
Update SurrealDB to version 1.5.5.
Update SurrealDB to version 2.0.0-beta.3.