ghsa-f6jm-9pr8-9c3w
Vulnerability from github
Published
2023-12-15 12:30
Modified
2024-05-17 14:04
Severity ?
Summary
Multiple WSO2 products vulnerable to perform user impersonatoin using JIT provisioning
Details
Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. In order for this vulnerability to have any impact on your deployment, following conditions must be met:
- An IDP configured for federated authentication and JIT provisioning enabled with the "Prompt for username, password and consent" option.
- A service provider that uses the above IDP for federated authentication and has the "Assert identity using mapped local subject identifier" flag enabled.
Attacker should have:
- A fresh valid user account in the federated IDP that has not been used earlier.
- Knowledge of the username of a valid user in the local IDP.
When all preconditions are met, a malicious actor could use JIT provisioning flow to perform user impersonation.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.wso2.carbon.identity.framework:org.wso2.carbon.identity.application.authentication.framework"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.20.254"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.wso2.identity.apps:authentication-portal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.179.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-6837"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": true,
"github_reviewed_at": "2024-01-05T22:09:43Z",
"nvd_published_at": "2023-12-15T10:15:09Z",
"severity": "HIGH"
},
"details": "Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning.\u00a0In order for this vulnerability to have any impact on your deployment, following conditions must be met:\n\n * An IDP configured for federated authentication and JIT provisioning enabled with the \"Prompt for username, password and consent\" option.\n * A service provider that uses the above IDP for federated authentication and has the \"Assert identity using mapped local subject identifier\" flag enabled.\n\n\nAttacker should have:\n\n * A fresh valid user account in the federated IDP that has not been used earlier.\n * Knowledge of the username of a valid user in the local IDP.\n\n\nWhen all preconditions are met, a malicious actor could use JIT provisioning flow to perform user impersonation.",
"id": "GHSA-f6jm-9pr8-9c3w",
"modified": "2024-05-17T14:04:39Z",
"published": "2023-12-15T12:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6837"
},
{
"type": "WEB",
"url": "https://github.com/wso2/carbon-identity-framework/commit/fdab609760784086b8a3f55f7acf46d977a03d79"
},
{
"type": "WEB",
"url": "https://github.com/wso2/identity-apps/commit/1424203bbe81688d661ea8b8cd28e332302e1c53"
},
{
"type": "WEB",
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1573"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Multiple WSO2 products vulnerable to perform user impersonatoin using JIT provisioning"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.