CVE-2023-50714 (GCVE-0-2023-50714)

Vulnerability from cvelistv5 – Published: 2023-12-22 18:30 – Updated: 2024-11-27 15:43
VLAI?
Summary
yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available.
Severity ?
6.8 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CWE
  • CWE-918 - Server-Side Request Forgery (SSRF)
  • CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
Vendor Product Version
yiisoft yii2-authclient Affected: < 2.2.15
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:16:47.248Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5"
          },
          {
            "name": "https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213"
          },
          {
            "name": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158"
          },
          {
            "name": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121"
          },
          {
            "name": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-50714",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-27T15:42:08.944505Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-27T15:43:11.763Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "yii2-authclient",
          "vendor": "yiisoft",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.2.15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347: Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-22T18:30:03.118Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5"
        },
        {
          "name": "https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213"
        },
        {
          "name": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158"
        },
        {
          "name": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121"
        },
        {
          "name": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420"
        }
      ],
      "source": {
        "advisory": "GHSA-rw54-6826-c8j5",
        "discovery": "UNKNOWN"
      },
      "title": "The Oauth2 PKCE implementation is vulnerable"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-50714",
    "datePublished": "2023-12-22T18:30:03.118Z",
    "dateReserved": "2023-12-11T17:53:36.029Z",
    "dateUpdated": "2024-11-27T15:43:11.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yiiframework:yii2-authclient:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.2.15\", \"matchCriteriaId\": \"AA4F5AF6-EA08-40F8-9C22-EA09F0653F11\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available.\"}, {\"lang\": \"es\", \"value\": \"yii2-authclient es una extensi\\u00f3n que agrega consumidores OpenID, OAuth, OAuth2 y OpenId Connect para el framework Yii 2.0. En yii2-authclient anterior a la versi\\u00f3n 2.2.15, la implementaci\\u00f3n de Oauth2 PKCE es vulnerable de 2 maneras. Primero, \\\"authCodeVerifier\\\" debe eliminarse despu\\u00e9s de su uso (similar a \\\"authState\\\"). En segundo lugar, existe el riesgo de un \\\"downgrade attack\\\" si se conf\\u00eda en PKCE para la protecci\\u00f3n CSRF. La versi\\u00f3n 2.2.15 contiene un parche para el problema. No hay workarounds disponibles.\"}]",
      "id": "CVE-2023-50714",
      "lastModified": "2024-11-21T08:37:11.637",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.2}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2023-12-22T19:15:09.057",
      "references": "[{\"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}, {\"lang\": \"en\", \"value\": \"CWE-918\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-50714\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-12-22T19:15:09.057\",\"lastModified\":\"2024-11-21T08:37:11.637\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available.\"},{\"lang\":\"es\",\"value\":\"yii2-authclient es una extensi\u00f3n que agrega consumidores OpenID, OAuth, OAuth2 y OpenId Connect para el framework Yii 2.0. En yii2-authclient anterior a la versi\u00f3n 2.2.15, la implementaci\u00f3n de Oauth2 PKCE es vulnerable de 2 maneras. Primero, \\\"authCodeVerifier\\\" debe eliminarse despu\u00e9s de su uso (similar a \\\"authState\\\"). En segundo lugar, existe el riesgo de un \\\"downgrade attack\\\" si se conf\u00eda en PKCE para la protecci\u00f3n CSRF. La versi\u00f3n 2.2.15 contiene un parche para el problema. No hay workarounds disponibles.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":5.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"},{\"lang\":\"en\",\"value\":\"CWE-918\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yiiframework:yii2-authclient:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.15\",\"matchCriteriaId\":\"AA4F5AF6-EA08-40F8-9C22-EA09F0653F11\"}]}]}],\"references\":[{\"url\":\"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"title\": \"The Oauth2 PKCE implementation is vulnerable\", \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-918\", \"lang\": \"en\", \"description\": \"CWE-918: Server-Side Request Forgery (SSRF)\", \"type\": \"CWE\"}]}, {\"descriptions\": [{\"cweId\": \"CWE-347\", \"lang\": \"en\", \"description\": \"CWE-347: Improper Verification of Cryptographic Signature\", \"type\": \"CWE\"}]}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"NONE\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N\", \"version\": \"3.1\"}}], \"references\": [{\"name\": \"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\", \"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\", \"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\"}], \"affected\": [{\"vendor\": \"yiisoft\", \"product\": \"yii2-authclient\", \"versions\": [{\"version\": \"\u003c 2.2.15\", \"status\": \"affected\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-12-22T18:30:03.118Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage (similar to `authState`). Second, there is a risk for a `downgrade attack` if PKCE is being relied on for CSRF protection. Version 2.2.15 contains a patch for the issue. No known workarounds are available.\"}], \"source\": {\"advisory\": \"GHSA-rw54-6826-c8j5\", \"discovery\": \"UNKNOWN\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T22:16:47.248Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"name\": \"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-rw54-6826-c8j5\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/commit/721ed974bc44137437b0cdc8454e137fff8db213\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121\"}, {\"name\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-50714\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-27T15:42:08.944505Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-27T15:42:27.608Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-50714\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"GitHub_M\", \"dateReserved\": \"2023-12-11T17:53:36.029Z\", \"datePublished\": \"2023-12-22T18:30:03.118Z\", \"dateUpdated\": \"2024-11-27T15:43:11.763Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.