CVE-2023-28443 - OpenCVE

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Monospace	Directus

Configuration 1 [-]

cpe:2.3:a:monospace:directus:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13
https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc
https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-03-23T23:13:58.299Z

Updated: 2024-08-02T12:38:25.370Z

Reserved: 2023-03-15T15:59:10.056Z

Link: CVE-2023-28443

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-03-24T00:15:15.553

Modified: 2023-03-29T14:29:09.287

Link: CVE-2023-28443

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-28443", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-03-15T15:59:10.056Z", "datePublished": "2023-03-23T23:13:58.299Z", "dateUpdated": "2024-08-02T12:38:25.370Z"}, "containers": {"cna": {"title": "directus vulnerable to Insertion of Sensitive Information into Log File", "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "lang": "en", "description": "CWE-532: Insertion of Sensitive Information into Log File", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7"}, {"name": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc", "tags": ["x_refsource_MISC"], "url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc"}, {"name": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13", "tags": ["x_refsource_MISC"], "url": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13"}], "affected": [{"vendor": "directus", "product": "directus", "versions": [{"version": "< 9.23.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-03-23T23:13:58.299Z"}, "descriptions": [{"lang": "en", "value": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3."}], "source": {"advisory": "GHSA-8vg2-wf3q-mwv7", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T12:38:25.370Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7"}, {"name": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc"}, {"name": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:monospace:directus:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "FE45F985-DA11-41EA-AC98-0F122231CCE5", "versionEndExcluding": "9.23.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3."}], "id": "CVE-2023-28443", "lastModified": "2023-03-29T14:29:09.287", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-03-24T00:15:15.553", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-532"}], "source": "security-advisories@github.com", "type": "Primary"}]}