CVE-2020-26254 - OpenCVE

Vendors	Products
Omniauth-apple Project	Omniauth-apple

Link	Providers
https://github.com/nhosoya/omniauth-apple/blob/master/CHANGELOG.md#101---2020-12-03
https://github.com/nhosoya/omniauth-apple/commit/b37d5409213adae2ca06a67fec14c8d3d07d9016
https://github.com/nhosoya/omniauth-apple/security/advisories/GHSA-49r3-2549-3633

{"containers": {"cna": {"affected": [{"product": "omniauth-apple", "vendor": "nhosoya", "versions": [{"status": "affected", "version": "< 1.0.1"}]}], "descriptions": [{"lang": "en", "value": "omniauth-apple is the OmniAuth strategy for \"Sign In with Apple\" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the info.email field of OmniAuth's Auth Hash Schema for any kind of identification. The value of this field may be set to any value of the attacker's choice including email addresses of other users. Applications not using info.email for identification but are instead using the uid field are not impacted in the same manner. Note, these applications may still be negatively affected if the value of info.email is being used for other purposes. Applications using affected versions of omniauth-apple are advised to upgrade to omniauth-apple version 1.0.1 or later."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-290", "description": "CWE-290 Authentication Bypass by Spoofing", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-08T14:20:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nhosoya/omniauth-apple/security/advisories/GHSA-49r3-2549-3633"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/nhosoya/omniauth-apple/commit/b37d5409213adae2ca06a67fec14c8d3d07d9016"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/nhosoya/omniauth-apple/blob/master/CHANGELOG.md#101---2020-12-03"}], "source": {"advisory": "GHSA-49r3-2549-3633", "discovery": "UNKNOWN"}, "title": "omniauth-apple allows attacker to fake their email address during authentication", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26254", "STATE": "PUBLIC", "TITLE": "omniauth-apple allows attacker to fake their email address during authentication"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "omniauth-apple", "version": {"version_data": [{"version_value": "< 1.0.1"}]}}]}, "vendor_name": "nhosoya"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "omniauth-apple is the OmniAuth strategy for \"Sign In with Apple\" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the info.email field of OmniAuth's Auth Hash Schema for any kind of identification. The value of this field may be set to any value of the attacker's choice including email addresses of other users. Applications not using info.email for identification but are instead using the uid field are not impacted in the same manner. Note, these applications may still be negatively affected if the value of info.email is being used for other purposes. Applications using affected versions of omniauth-apple are advised to upgrade to omniauth-apple version 1.0.1 or later."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-290 Authentication Bypass by Spoofing"}]}]}, "references": {"reference_data": [{"name": "https://github.com/nhosoya/omniauth-apple/security/advisories/GHSA-49r3-2549-3633", "refsource": "CONFIRM", "url": "https://github.com/nhosoya/omniauth-apple/security/advisories/GHSA-49r3-2549-3633"}, {"name": "https://github.com/nhosoya/omniauth-apple/commit/b37d5409213adae2ca06a67fec14c8d3d07d9016", "refsource": "MISC", "url": "https://github.com/nhosoya/omniauth-apple/commit/b37d5409213adae2ca06a67fec14c8d3d07d9016"}, {"name": "https://github.com/nhosoya/omniauth-apple/blob/master/CHANGELOG.md#101---2020-12-03", "refsource": "MISC", "url": "https://github.com/nhosoya/omniauth-apple/blob/master/CHANGELOG.md#101---2020-12-03"}]}, "source": {"advisory": "GHSA-49r3-2549-3633", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:56:03.550Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/nhosoya/omniauth-apple/security/advisories/GHSA-49r3-2549-3633"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nhosoya/omniauth-apple/commit/b37d5409213adae2ca06a67fec14c8d3d07d9016"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/nhosoya/omniauth-apple/blob/master/CHANGELOG.md#101---2020-12-03"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-26254", "datePublished": "2020-12-08T14:20:13", "dateReserved": "2020-10-01T00:00:00", "dateUpdated": "2024-08-04T15:56:03.550Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:omniauth-apple_project:omniauth-apple:*:*:*:*:*:ruby:*:*", "matchCriteriaId": "D5C95EE3-9B9F-4092-A4F6-1DA130F196EC", "versionEndExcluding": "1.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "omniauth-apple is the OmniAuth strategy for \"Sign In with Apple\" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vulnerability impacts applications using the omniauth-apple strategy of OmniAuth and using the info.email field of OmniAuth's Auth Hash Schema for any kind of identification. The value of this field may be set to any value of the attacker's choice including email addresses of other users. Applications not using info.email for identification but are instead using the uid field are not impacted in the same manner. Note, these applications may still be negatively affected if the value of info.email is being used for other purposes. Applications using affected versions of omniauth-apple are advised to upgrade to omniauth-apple version 1.0.1 or later."}, {"lang": "es", "value": "omniauth-apple es la estrategia de OmniAuth para \"Sign In with Apple\" (RubyGem omniauth-apple). En omniauth-apple anterior a versi\u00f3n 1.0.1, los atacantes pueden falsificar su direcci\u00f3n de correo electr\u00f3nico durante la autenticaci\u00f3n. Esta vulnerabilidad afecta a las aplicaciones que usan la estrategia omniauth-apple de OmniAuth y el campo info.email del Auth Hash Schema de OmniAuth para cualquier tipo de identificaci\u00f3n. El valor de este campo puede ser establecido en cualquier valor que elija el atacante, incluyendo las direcciones de correo electr\u00f3nico de otros usuarios. Las aplicaciones que no usan info.email para la identificaci\u00f3n, sino que en su lugar usan el campo uid, no est\u00e1n afectadas de la misma manera. Tome en cuenta que estas aplicaciones a\u00fan pueden estar afectadas negativamente si el valor de info.email se utiliza para otros fines. Se recomienda a las aplicaciones que utilizan versiones afectadas de omniauth-apple que se actualicen a omniauth-apple versi\u00f3n 1.0"}], "id": "CVE-2020-26254", "lastModified": "2020-12-10T14:46:43.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2020-12-08T15:15:11.130", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/nhosoya/omniauth-apple/blob/master/CHANGELOG.md#101---2020-12-03"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/nhosoya/omniauth-apple/commit/b37d5409213adae2ca06a67fec14c8d3d07d9016"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://github.com/nhosoya/omniauth-apple/security/advisories/GHSA-49r3-2549-3633"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-290"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object