CVE-2024-27295

2024-03-0116:15:46

CWE-706

[email protected]

web.nvd.nist.gov

directus

api

app dashboard

sql database

password reset

vulnerability

cve-2024-27295

security

mysql

mariadb

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

8.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Directus is a real-time API and App dashboard for managing SQL database content. The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim with a one or more characters changed to use accents. This is due to the fact that by default MySQL/MariaDB are configured for accent-insensitive and case-insensitive comparisons. This vulnerability is fixed in version 10.8.3.

Affected configurations

Vulners

Node

directusdirectusRange<10.8.3

CNA Affected

[
  {
    "vendor": "directus",
    "product": "directus",
    "versions": [
      {
        "version": "< 10.8.3",
        "status": "affected"
      }
    ]
  }
]