5 matches found
CVE-2022-46172
authentik is an open-source Identity provider focused on flexibility and versatility. In versions prior to 2022.10.4, and 2022.11.4, any authenticated user can create an arbitrary number of accounts through the default flows. This would circumvent any policy in a situation where it is undesirable...
CVE-2022-46172
creationtimestamp| type| source ---|---|--- 2022-12-28 12:12:12+00:00| seen| https://t.me/cibsecurity/55464...
CVE-2022-46172 authentik allows existing authenticated users to create arbitrary accounts
authentik is an open-source Identity provider focused on flexibility and versatility. In versions prior to 2022.10.4, and 2022.11.4, any authenticated user can create an arbitrary number of accounts through the default flows. This would circumvent any policy in a situation where it is undesirable...
CVE-2022-46172 authentik allows existing authenticated users to create arbitrary accounts
authentik is an open-source Identity provider focused on flexibility and versatility. In versions prior to 2022.10.4, and 2022.11.4, any authenticated user can create an arbitrary number of accounts through the default flows. This would circumvent any policy in a situation where it is undesirable...
CVE-2022-46172
Summary: CVE-2022-46172 affects authentik (open-source identity provider). In versions prior to 2022.10.4 and 2022.11.4, any authenticated user could create an arbitrary number of basic accounts through the default-user-settings-flow (/api/v3/flows/instances/default-user-settings-flow/execute/), ...