Описание
2FA bypass in Wagtail through new device path
2FA bypass through new device path
Impact
If someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS.
Patches
This problem has been patched in version 1.3.0.
Workarounds
There is no workaround at the moment.
For more information
If you have any questions or comments about this advisory:
- Open an issue in github.com/labd/wagtail-2fa
- Email us at security@labdigital.nl
Ссылки
- https://github.com/labd/wagtail-2fa/security/advisories/GHSA-89px-ww3j-g2mm
- https://nvd.nist.gov/vuln/detail/CVE-2019-16766
- https://github.com/labd/wagtail-2fa/commit/13b12995d35b566df08a17257a23863ab6efb0ca
- https://github.com/labd/wagtail-2fa/commit/a6711b29711729005770ff481b22675b35ff5c81
- https://github.com/pypa/advisory-database/tree/main/vulns/wagtail-2fa/PYSEC-2019-135.yaml
Пакеты
wagtail-2fa
< 1.3.0
1.3.0
EPSS
6.3 Medium
CVSS4
8.7 High
CVSS3
CVE ID
Дефекты
Связанные уязвимости
When using wagtail-2fa before 1.3.0, if someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. This problem has been patched in version 1.3.0.
EPSS
6.3 Medium
CVSS4
8.7 High
CVSS3