Lucene search

[email protected]NVD:CVE-2021-26593

HistoryFeb 23, 2021 - 7:15 p.m.

CVE-2021-26593

2021-02-2319:15:13

CWE-200

[email protected]

web.nvd.nist.gov

directus 8.x

unauthorized access

user information

2fa secret

api vulnerability

unsupported product

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

71.1%

JSON

In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/{id}. For each call, they get in response a lot of information about the user (such as email address, first name, and last name) but also the secret for 2FA if one exists. This secret can be regenerated. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Affected configurations

Nvd

Node

rangerstudiodirectusRange8.0.0–8.8.1

VendorProductVersionCPE
rangerstudiodirectus*cpe:2.3:a:rangerstudio:directus:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rangerstudio	directus	*	cpe:2.3:a:rangerstudio:directus::::::::

References

github.com/sgranel/directusv8

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

71.1%

JSON

Related for NVD:CVE-2021-26593

cve1 prion1 cvelist1 osv1