Lucene search

GitHub_MCVELIST:CVE-2020-15223

HistorySep 24, 2020 - 4:15 p.m.

CVE-2020-15223 Ignored storage errors on token revokation in ORY Fosite

2020-09-2416:15:45

CWE-755

GitHub_M

www.cve.org

ory fosite

token revocation

oauth2

openid connect

storage errors

cve-2020-15223

security vulnerability

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

AI Score

7.7

Confidence

High

EPSS

0.002

Percentile

52.5%

JSON

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the TokenRevocationHandler ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store. This is fixed in version 0.34.0

CNA Affected

[
  {
    "product": "fosite",
    "vendor": "ory",
    "versions": [
      {
        "status": "affected",
        "version": "< 0.34.0"
      }
    ]
  }
]

References

github.com/ory/fosite/commit/03dd55813f5521985f7dd64277b7ba0cf1441319

github.com/ory/fosite/security/advisories/GHSA-7mqr-2v3q-v2wm

tools.ietf.org/html/rfc7009#section-2.2.1

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

AI Score

7.7

Confidence

High

EPSS

0.002

Percentile

52.5%

JSON

Related for CVELIST:CVE-2020-15223