CVE-2018-1000211
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
Doorkeeper version 4.2.0 and later contains an Incorrect Access Control vulnerability in the token revocation API's authorized method. As a result, access tokens are not revoked for public OAuth apps, leaking access until expiry.
Predictions
Exploit likelihood
30%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2018-1000211
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 4.4.2-1 |
| debian | bullseye | fixed | 4.4.2-1 |
| debian | forky | fixed | 4.4.2-1 |
| debian | sid | fixed | 4.4.2-1 |
| debian | trixie | fixed | 4.4.2-1 |
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| RubyGems | doorkeeper | >= 4.2.0, < 4.4.0 | >= 4.4.0 |
| RubyGems | doorkeeper | >=4.2.0,<4.4.0 | 4.4.0 |
References
- https://blog.justinbull.ca/cve-2018-1000211-public-apps-cant-revoke-tokens-in-doorkeeper/
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000211
- https://github.com/doorkeeper-gem/doorkeeper/issues/891
- https://github.com/doorkeeper-gem/doorkeeper/pull/1119
- https://github.com/advisories/GHSA-694m-jhr9-pf77
- https://github.com/doorkeeper-gem/doorkeeper
- https://security-tracker.debian.org/tracker/CVE-2018-1000211