Auth0 Vulnerabilidad

Cronología

Escribe

Not Defined	10
JavaScript Library	2

Producto

Auth0 passport-wsfed-saml2	2
Auth0 Auth0-WCF-Service-JWT	2
Auth0 Express OpenID Connect	2
Auth0 Lock	2
Auth0 Passport-SharePoint	2

Contramedidas

Official Fix	12
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	0

Explotabilidad

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	12

Vector de acceso

Not Defined	0
Physical	0
Local	0
Adjacent	0
Network	12

Autenticación

Not Defined	0
High	0
Low	0
None	12

La interacción del usuario

Not Defined	0
Required	4
None	8

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	4
≤8	6
≤9	0
≤10	0

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	4
≤8	6
≤9	0
≤10	0

VulDB

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	2
≤7	2
≤8	6
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	4
≤8	2
≤9	4
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	2
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	0
<2k	8
<5k	4
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar hoy

<1k	12
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (12): Auth0-WCF-Service-JWT (1), Express OpenID Connect (1), Lock (1), Next.js (1), Next.js SDK (1), Passport-SharePoint (1), angular-jwt (1), auth0-aspnet (1), auth0-aspnet-owin (1), auth0-lock (1), auth0.js Library (2), passport-wsfed-saml2 (1)

Fecha de publicación	Base	Temp	Vulnerabilidad	Prod	Exp	Con	EPSS	CTI	CVE
2021-12-17	6.3	6.2	Auth0 Next.js Login URL Redirect	JavaScript Library	Not Defined	Official Fix	0.00061	0.00	CVE-2021-43812
2021-12-09	6.6	6.5	Auth0 Express OpenID Connect Session Cookie autenticación débil	Desconocido	Not Defined	Official Fix	0.00212	0.00	CVE-2021-41246
2021-06-26	3.1	3.0	Auth0 Next.js SDK cross site scripting	JavaScript Library	Not Defined	Official Fix	0.00174	0.00	CVE-2021-32702
2021-06-05	3.5	3.4	Auth0 auth0-lock Sign In cross site scripting	Desconocido	Not Defined	Official Fix	0.00109	0.00	CVE-2021-32641
2020-02-03	5.2	5.1	Auth0 Lock additionalSignUpFields cross site scripting	Desconocido	Not Defined	Official Fix	0.00112	0.04	CVE-2019-20174
2019-07-25	7.3	7.1	Auth0 Passport-SharePoint Access Token autenticación débil	Desconocido	Not Defined	Official Fix	0.00092	0.00	CVE-2019-13483
2019-04-11	7.5	7.4	Auth0 Auth0-WCF-Service-JWT Error Message Signature autenticación débil	Desconocido	Not Defined	Official Fix	0.00222	0.00	CVE-2019-7644
2018-08-29	6.5	6.5	Auth0 auth0-aspnet/auth0-aspnet-owin oAuth 2.0 cross site request forgery	Desconocido	Not Defined	Not Defined	0.00073	0.00	CVE-2018-15121
2018-06-19	6.9	6.6	Auth0 angular-jwt Regular Expression escalada de privilegios	JavaScript Library	Not Defined	Official Fix	0.00137	0.03	CVE-2018-11537
2018-03-06	6.5	6.2	Auth0 auth0.js Library cross site request forgery	Software Library	Not Defined	Official Fix	0.00073	0.00	CVE-2018-7307

2 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 2 results.

◂ AnteriorVisión De ConjuntoPróximo ▸

Interested in the pricing of exploits?

See the underground prices here!