fkie_cve-2022-24857
Vulnerability from fkie_nvd
Published
2022-04-15 19:15
Modified
2024-11-21 06:51
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
django-mfa3 is a library that implements multi factor authentication for the django web framework. It achieves this by modifying the regular login view. Django however has a second login view for its admin area. This second login view was not modified, so the multi factor authentication can be bypassed. Users are affected if they have activated both django-mfa3 (< 0.5.0) and django.contrib.admin and have not taken any other measures to prevent users from accessing the admin login view. The issue has been fixed in django-mfa3 0.5.0. It is possible to work around the issue by overwriting the admin login route, e.g. by adding the following URL definition *before* the admin routes: url('admin/login/', lambda request: redirect(settings.LOGIN_URL)
References
security-advisories@github.comhttps://github.com/xi/django-mfa3/blob/main/CHANGES.md#050-2022-04-15Release Notes, Third Party Advisory
security-advisories@github.comhttps://github.com/xi/django-mfa3/commit/32f656e22df120b84bdf010e014bb19bd97971dePatch, Third Party Advisory
security-advisories@github.comhttps://github.com/xi/django-mfa3/security/advisories/GHSA-3r7g-wrpr-j5g4Third Party Advisory
security-advisories@github.comhttps://security.netapp.com/advisory/ntap-20220609-0003/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/xi/django-mfa3/blob/main/CHANGES.md#050-2022-04-15Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/xi/django-mfa3/commit/32f656e22df120b84bdf010e014bb19bd97971dePatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/xi/django-mfa3/security/advisories/GHSA-3r7g-wrpr-j5g4Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20220609-0003/Third Party Advisory
Impacted products
Vendor Product Version
django-mfa3_project django-mfa3 *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:django-mfa3_project:django-mfa3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5924974-0076-41F8-AADF-B90D308B5B10",
              "versionEndExcluding": "0.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "django-mfa3 is a library that implements multi factor authentication for the django web framework. It achieves this by modifying the regular login view. Django however has a second login view for its admin area. This second login view was not modified, so the multi factor authentication can be bypassed. Users are affected if they have activated both django-mfa3 (\u003c 0.5.0) and django.contrib.admin and have not taken any other measures to prevent users from accessing the admin login view. The issue has been fixed in django-mfa3 0.5.0. It is possible to work around the issue by overwriting the admin login route, e.g. by adding the following URL definition *before* the admin routes: url(\u0027admin/login/\u0027, lambda request: redirect(settings.LOGIN_URL)"
    },
    {
      "lang": "es",
      "value": "django-mfa3 es una librer\u00eda que implementa la autenticaci\u00f3n multifactor para el framework web django. Lo consigue al modificar la visualizaci\u00f3n de inicio de sesi\u00f3n normal. Sin embargo, Django presenta una segunda visualizaci\u00f3n de inicio de sesi\u00f3n para su \u00e1rea de administraci\u00f3n. Esta segunda visualizaci\u00f3n de inicio de sesi\u00f3n no fue modificada, por lo que la autenticaci\u00f3n multifactor puede ser omitida. Los usuarios est\u00e1n afectados si han activado tanto django-mfa3 (versiones anteriores a 0.5.0) como django.contrib.admin y no han tomado ninguna otra medida para evitar que los usuarios accedan a la visualizaci\u00f3n de inicio de sesi\u00f3n del administrador. El problema ha sido corregido en django-mfa3 versi\u00f3n 0.5.0. Es posible mitigar el problema al sobrescribir la ruta de inicio de sesi\u00f3n del administrador, por ejemplo, al a\u00f1adir la siguiente definici\u00f3n de URL *before* de las rutas del administrador: url(\"admin/login/\", lambda request: redirect(settings.LOGIN_URL)"
    }
  ],
  "id": "CVE-2022-24857",
  "lastModified": "2024-11-21T06:51:14.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-15T19:15:12.447",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/xi/django-mfa3/blob/main/CHANGES.md#050-2022-04-15"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/xi/django-mfa3/commit/32f656e22df120b84bdf010e014bb19bd97971de"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/xi/django-mfa3/security/advisories/GHSA-3r7g-wrpr-j5g4"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220609-0003/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/xi/django-mfa3/blob/main/CHANGES.md#050-2022-04-15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/xi/django-mfa3/commit/32f656e22df120b84bdf010e014bb19bd97971de"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/xi/django-mfa3/security/advisories/GHSA-3r7g-wrpr-j5g4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220609-0003/"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.