CVE Vulnerability

CVE-2022-46145

authentik is an open-source identity provider. Versions prior to 2022.11.2 and 2022.10.2 are vulnerable to unauthorized user creation and potential account takeover. With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts. authentik 2022.11.2 and 2022.10.2 fix this issue. As a workaround, a policy can be created and bound to the `default-user-settings-flow flow` with the contents `return request.user.is_authenticated`.

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://goauthentik.io/docs/releases/2022.11#fixed-in-2022112 Release Notes Vendor Advisory
https://goauthentik.io/docs/releases/2022.10#fixed-in-2022102 Release Notes Vendor Advisory
https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf Mitigation Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*
cpe:2.3:a:goauthentik:authentik:*:*:*:*:*:*:*:*
Information

Published : 2022-12-02 06:15

Updated : 2022-12-06 12:23

NVD link : CVE-2022-46145

Mitre link : CVE-2022-46145

Products Affected
No products.
CWE
CWE-287