Zitadel prior to 2.37.3/2.38.0 Password Reset response discrepancy
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.4 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Zitadel. It has been classified as problematic. Affected is an unknown function of the component Password Reset. The manipulation leads to a response discrepancy: the reset endpoint answers differently depending on whether the submitted username exists. This vulnerability is uniquely identified as CVE-2023-44399. The attack can be carried out remotely and requires no prior authentication. No exploit is known. Upgrading the affected component is recommended.
Details
A vulnerability was found in Zitadel. It has been rated as problematic. This issue affects an unknown code block of the component Password Reset. Manipulation with an unknown input leads to a response discrepancy vulnerability. Using CWE to classify the problem leads to CWE-204: the product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere. Confidentiality is impacted, since the discrepancy lets an unauthenticated party confirm which usernames exist (account enumeration). The summary by CVE is:
ZITADEL provides identity infrastructure. In versions 2.37.2 and prior, ZITADEL administrators can enable a setting called "Ignoring unknown usernames" which helps mitigate attacks that try to guess/enumerate usernames. While this setting was properly working during the authentication process, it did not work correctly in the password reset flow. This meant that even if this feature was active, an attacker could use the password reset function to verify whether an account exists within ZITADEL. This bug has been patched in versions 2.37.3 and 2.38.0. No known workarounds are available.
The weakness was disclosed 10/10/2023 as GHSA-v683-rcxx-vpff. The advisory is shared at github.com. The vulnerability has carried the identifier CVE-2023-44399 since 09/28/2023. Neither technical details nor an exploit are publicly available. The MITRE ATT&CK project maps this issue to technique T1592.
Upgrading to version 2.37.3 or 2.38.0 eliminates this vulnerability. The upgrade is hosted for download at github.com.
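As an added illustration of the weakness class described above (this is not Zitadel's code and is not taken from the advisory), the Go program below models a password reset endpoint in two forms: a handler that answers differently for known and unknown usernames, and a hardened handler that honours an "ignore unknown usernames" setting the way the advisory says the login flow already did. A small probe sends the same request for a known and an unknown name and reports whether the responses differ, which is the check a pentester would run against such an endpoint. The in-memory user store, handler shapes, setting name, route and response texts are all constructed assumptions for the example.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// Constructed in-memory directory standing in for the identity store.
var users = map[string]bool{"alice": true, "bob": true}

// Assumed setting mirroring the advisory's "Ignoring unknown usernames" option.
const ignoreUnknownUsernames = true

// sendResetMail stands in for enqueueing a reset e-mail. In a real service this
// should be queued asynchronously so response time does not depend on whether
// the account exists (otherwise a timing discrepancy replaces the body discrepancy).
func sendResetMail(username string) {}

// vulnerableReset models the pre-fix behaviour: the setting is only consulted in
// the login path, so the reset path leaks account existence via status and body.
func vulnerableReset(w http.ResponseWriter, r *http.Request) {
	username := r.FormValue("username")
	if !users[username] {
		http.Error(w, "user not found", http.StatusNotFound)
		return
	}
	sendResetMail(username)
	fmt.Fprint(w, "password reset mail sent")
}

// hardenedReset returns the same status and body for known and unknown names
// whenever the setting is active; the mail is still sent only for real accounts.
func hardenedReset(w http.ResponseWriter, r *http.Request) {
	username := r.FormValue("username")
	exists := users[username]
	if exists {
		sendResetMail(username)
	}
	if !exists && !ignoreUnknownUsernames {
		http.Error(w, "user not found", http.StatusNotFound)
		return
	}
	fmt.Fprint(w, "if the account exists, a password reset mail has been sent")
}

// ProbeResult captures the parts of a response an enumeration probe compares.
type ProbeResult struct {
	Status int
	Body   string
}

// Probe submits one reset request for username against the handler and records
// the observable response (assumed form field "username" on an assumed /reset route).
func Probe(h http.HandlerFunc, username string) ProbeResult {
	form := url.Values{"username": {username}}
	req := httptest.NewRequest(http.MethodPost, "/reset", strings.NewReader(form.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	rec := httptest.NewRecorder()
	h(rec, req)
	body, _ := io.ReadAll(rec.Result().Body)
	return ProbeResult{Status: rec.Code, Body: strings.TrimSpace(string(body))}
}

// Leaks reports whether the handler distinguishes a known from an unknown
// username by status code or body, i.e. whether it exposes CWE-204 behaviour.
func Leaks(h http.HandlerFunc, known, unknown string) bool {
	return Probe(h, known) != Probe(h, unknown)
}

func main() {
	fmt.Println("vulnerable handler leaks account existence:", Leaks(vulnerableReset, "alice", "mallory"))
	fmt.Println("hardened handler leaks account existence:  ", Leaks(hardenedReset, "alice", "mallory"))
}
```

The probe compares only status and body; a complete check against a live deployment would also compare headers and response timing across many samples, since a handler that short-circuits for unknown names can leak through latency even when its body is uniform.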
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
- Name: Zitadel
- Website: https://github.com/zitadel/zitadel/
CVSSv3
- VulDB Meta Base Score: 4.5
- VulDB Meta Temp Score: 4.4
- VulDB Base Score: 3.7
- VulDB Temp Score: 3.6
- CNA Base Score (GitHub, Inc.): 5.3
Exploiting
- Class: Response discrepancy
- CWE: CWE-204 / CWE-203 / CWE-200
- ATT&CK: T1592
- Physical: No
- Local: No
- Remote: Yes
- Status: Not defined
Countermeasures
- Recommended: Upgrade
- Upgrade: Zitadel 2.37.3/2.38.0
Timeline
- 09/28/2023: CVE-2023-44399 assigned
- 10/10/2023: Advisory GHSA-v683-rcxx-vpff disclosed
- 10/10/2023: VulDB entry created
Sources
- Product: github.com
- Advisory: GHSA-v683-rcxx-vpff
- Status: Confirmed
- CVE: CVE-2023-44399
- GCVE (CVE): GCVE-0-2023-44399
- GCVE (VulDB): GCVE-100-241757
Entry
- Created: 10/10/2023 19:34
- Changes: 10/10/2023 19:34 (49)