CVE-2023-36820

Micronaut Security is a security solution for applications. Prior to versions 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2, and 3.11.1, IdTokenClaimsValidator skips `aud` claim validation if token is issued by same identity issuer/provider. Any OIDC setup using Micronaut where multiple OIDC applications exists for the same issuer but token auth are not meant to be shared. This issue has been patched in versions 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2, and 3.11.1.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/micronaut-projects/micronaut-security/commit/9728b925221a0d87798ccf250657a3c214b7e980	Patch
https://github.com/micronaut-projects/micronaut-security/security/advisories/GHSA-qw22-8w9r-864h	Exploit Mitigation Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security::::::::
	cpe:2.3:a:objectcomputing:micronaut_security:3.11.0:::::::*

History

No history.

Information

Published : 2023-10-09 14:15

Updated : 2023-10-13 16:35

NVD link : CVE-2023-36820

Mitre link : CVE-2023-36820

CVE.ORG link : CVE-2023-36820

JSON object : View

Products Affected

objectcomputing

micronaut_security

CWE

CWE-284

Improper Access Control

{"id": "CVE-2023-36820", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.2}]}, "published": "2023-10-09T14:15:10.640", "references": [{"url": "https://github.com/micronaut-projects/micronaut-security/commit/9728b925221a0d87798ccf250657a3c214b7e980", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/micronaut-projects/micronaut-security/security/advisories/GHSA-qw22-8w9r-864h", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "Micronaut Security is a security solution for applications. Prior to versions 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2, and 3.11.1, IdTokenClaimsValidator skips `aud` claim validation if token is issued by same identity issuer/provider. Any OIDC setup using Micronaut where multiple OIDC applications exists for the same issuer but token auth are not meant to be shared. This issue has been patched in versions 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2, and 3.11.1.\n"}, {"lang": "es", "value": "Micronaut Security es una soluci\u00f3n de seguridad para aplicaciones. Antes de las versiones 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2 y 3.11.1, IdTokenClaimsValidator omite Validaci\u00f3n de reclamo `aud` si el token es emitido por el mismo emisor/proveedor de identidad. Cualquier configuraci\u00f3n de OIDC que utilice Micronaut en la que existan varias aplicaciones OIDC para el mismo emisor, pero la autenticaci\u00f3n de token no debe compartirse. Este problema se solucion\u00f3 en las versiones 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2 y 3.11. 1."}], "lastModified": "2023-10-13T16:35:04.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "670F1AC9-632E-4D47-9492-9BAC0084BE0E", "versionEndExcluding": "3.1.2"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "813AFD3C-E241-4376-AAF7-C4B276055121", "versionEndExcluding": "3.2.4", "versionStartIncluding": "3.2.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9626C2B1-79E6-4908-9ADF-E520DFC3402C", "versionEndExcluding": "3.3.2", "versionStartIncluding": "3.3.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBCDEED9-3639-4D90-9808-F27F9E2FB02B", "versionEndExcluding": "3.4.3", "versionStartIncluding": "3.4.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDC29054-500C-4B79-BDD5-B48D989D02E9", "versionEndExcluding": "3.5.3", "versionStartIncluding": "3.5.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA9D354C-1D89-4B68-AF7C-D712F0A1A8AD", "versionEndExcluding": "3.6.6", "versionStartIncluding": "3.6.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AE52168-0CAF-4BF7-B88B-AF79149F6919", "versionEndExcluding": "3.7.4", "versionStartIncluding": "3.7.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71B1B0A7-CCA3-4199-BC32-37C1138C6BF5", "versionEndExcluding": "3.8.4", "versionStartIncluding": "3.8.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA7B0DE4-ACD6-47AC-8059-9D9B97876B68", "versionEndExcluding": "3.9.6", "versionStartIncluding": "3.9.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4476038E-A854-4946-9CBF-42E2253B17D9", "versionEndExcluding": "3.10.2", "versionStartIncluding": "3.10.0"}, {"criteria": "cpe:2.3:a:objectcomputing:micronaut_security:3.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15398E49-FF87-4B88-B9B3-B326709E26AD"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}