CVE-2024-22206 - OpenCVE

Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Clerk	Javascript

Configuration 1 [-]

cpe:2.3:a:clerk:javascript:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://clerk.com/changelog/2024-01-12
https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3
https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-01-12T20:07:40.402Z

Updated: 2024-08-01T22:35:34.930Z

Reserved: 2024-01-08T04:59:27.373Z

Link: CVE-2024-22206

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2024-01-12T20:15:47.420

Modified: 2024-01-22T18:38:06.843

Link: CVE-2024-22206

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-22206", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-08T04:59:27.373Z", "datePublished": "2024-01-12T20:07:40.402Z", "dateUpdated": "2024-08-01T22:35:34.930Z"}, "containers": {"cna": {"title": "@clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-287", "lang": "en", "description": "CWE-287: Improper Authentication", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-639", "lang": "en", "description": "CWE-639: Authorization Bypass Through User-Controlled Key", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg"}, {"name": "https://clerk.com/changelog/2024-01-12", "tags": ["x_refsource_MISC"], "url": "https://clerk.com/changelog/2024-01-12"}, {"name": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3"}], "affected": [{"vendor": "clerk", "product": "javascript", "versions": [{"version": ">= 4.7.0, < 4.29.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-12T20:07:40.402Z"}, "descriptions": [{"lang": "en", "value": "Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.\n"}], "source": {"advisory": "GHSA-q6w5-jg5q-47vg", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.930Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg"}, {"name": "https://clerk.com/changelog/2024-01-12", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://clerk.com/changelog/2024-01-12"}, {"name": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clerk:javascript:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "750A6387-63D6-4EB8-825D-D77873BC36CC", "versionEndExcluding": "4.29.3", "versionStartIncluding": "4.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.\n"}, {"lang": "es", "value": "Clerk ayuda a los desarrolladores a crear gesti\u00f3n de usuarios. Acceso no autorizado o escalada de privilegios debido a un fallo l\u00f3gico en auth() en App Router o getAuth() en Pages Router. Esta vulnerabilidad fue parcheada en la versi\u00f3n 4.29.3."}], "id": "CVE-2024-22206", "lastModified": "2024-01-22T18:38:06.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-01-12T20:15:47.420", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://clerk.com/changelog/2024-01-12"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Release Notes"], "url": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-639"}], "source": "security-advisories@github.com", "type": "Primary"}]}