CVE-2024-42490

moderate-risk

Published 2024-08-22

authentik is an open-source Identity Provider. Several API endpoints can be accessed by users without correct authentication/authorization. The main API endpoints affected by this are /api/v3/crypto/certificatekeypairs/<uuid>/view_certificate/, /api/v3/crypto/certificatekeypairs/<uuid>/view_private_key/, and /api/v3/.../used_by/. Note that all of the affected API endpoints require the knowledge of the ID of an object, which especially for certificates is not accessible to an unprivileged user. Additionally the IDs for most objects are UUIDv4, meaning they are not easily guessable/enumerable. authentik 2024.4.4, 2024.6.4 and 2024.8.0 fix this issue.

Do I need to act?

1.5% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / HIGH complexity

Affected Products (1)

Authentik

Affected Vendors

Goauthentik

References (3)

Patch https://github.com/goauthentik/authentik/commit/19318d4c00bb02c4ec3c4f8f15ac2e1d...

Patch https://github.com/goauthentik/authentik/commit/359b343f51524342a5ca03828e7c975a...

Vendor Advisory https://github.com/goauthentik/authentik/security/advisories/GHSA-qxqc-27pr-wgc8

/ 100

moderate-risk

Severity 22/34 · High

Exploitability 4/34 · Minimal

Exposure 5/34 · Minimal