CVE-2024-22206 - OpenCVE

Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Clerk	Javascript

Configuration 1 [-]

cpe:2.3:a:clerk:javascript:*:*:*:*:*:node.js:*:*

References

Link	Resource
https://clerk.com/changelog/2024-01-12	Release Notes Vendor Advisory
https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3	Patch Release Notes
https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-01-12T20:07:40.402Z

Updated: 2024-01-12T20:07:40.402Z

Reserved: 2024-01-08T04:59:27.373Z

Link: CVE-2024-22206

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-12T20:15:47.420

Modified: 2024-01-22T18:38:06.843

Link: CVE-2024-22206

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2024-22206", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-01-08T04:59:27.373Z", "datePublished": "2024-01-12T20:07:40.402Z", "dateUpdated": "2024-01-12T20:07:40.402Z"}, "containers": {"cna": {"title": "@clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-287", "lang": "en", "description": "CWE-287: Improper Authentication", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-639", "lang": "en", "description": "CWE-639: Authorization Bypass Through User-Controlled Key", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg"}, {"name": "https://clerk.com/changelog/2024-01-12", "tags": ["x_refsource_MISC"], "url": "https://clerk.com/changelog/2024-01-12"}, {"name": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3"}], "affected": [{"vendor": "clerk", "product": "javascript", "versions": [{"version": ">= 4.7.0, < 4.29.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-12T20:07:40.402Z"}, "descriptions": [{"lang": "en", "value": "Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.\n"}], "source": {"advisory": "GHSA-q6w5-jg5q-47vg", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clerk:javascript:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "750A6387-63D6-4EB8-825D-D77873BC36CC", "versionEndExcluding": "4.29.3", "versionStartIncluding": "4.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Clerk helps developers build user management. Unauthorized access or privilege escalation due to a logic flaw in auth() in the App Router or getAuth() in the Pages Router. This vulnerability was patched in version 4.29.3.\n"}, {"lang": "es", "value": "Clerk ayuda a los desarrolladores a crear gesti\u00f3n de usuarios. Acceso no autorizado o escalada de privilegios debido a un fallo l\u00f3gico en auth() en App Router o getAuth() en Pages Router. Esta vulnerabilidad fue parcheada en la versi\u00f3n 4.29.3."}], "id": "CVE-2024-22206", "lastModified": "2024-01-22T18:38:06.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-01-12T20:15:47.420", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://clerk.com/changelog/2024-01-12"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Release Notes"], "url": "https://github.com/clerk/javascript/releases/tag/%40clerk%2Fnextjs%404.29.3"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/clerk/javascript/security/advisories/GHSA-q6w5-jg5q-47vg"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-639"}], "source": "security-advisories@github.com", "type": "Primary"}]}