#VU83565 Improper access control in oauth2 - CVE-2023-49104

Cybersecurity Help s.r.o.

Published: 2023-11-29

Vulnerability identifier: #VU83565

Vulnerability risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-49104

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
oauth2
Universal components / Libraries / Programming Languages & Components

Vendor: ownCloud

Description

The vulnerability allows a remote attacker to bypass subdomain validation.

The vulnerability exists due to improper access restrictions when Allow Subdomains is enabled. A remote attacker can pass in a specially crafted redirect-url which bypasses the validation code and thus allows the attacker to redirect callbacks to a TLD controlled by the attacker.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

oauth2: 0.1.0 - 0.6.0

External links
https://owncloud.com/security-advisories/subdomain-validation-bypass/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Subdomain validation bypass in ownCloud oauth2