PT-2022-27762 · Authentik · Authentik
Sdimovv · Published 2022-12-02 · Updated 2026-04-16
CVE-2022-46145
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
authentik versions prior to 2022.11.2
authentik versions prior to 2022.10.2
Description
authentik is an open-source identity provider. With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts.
Recommendations
As a temporary workaround for versions prior to 2022.11.2 and 2022.10.2, consider creating an expression policy with the contents `return request.user.is_authenticated` and binding it to the default-user-settings-flow flow, so that only already-authenticated users can reach the settings stage that changes the account email.
Update to version 2022.11.2 or later to fix the issue.
Update to version 2022.10.2 or later to fix the issue.
Missing Authentication
Improper Authentication
Affected Products
Authentik