This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/security/CVE-2022-46145.md
Jens Langhammer 7046944bf6
website: link CVE and attribute reporter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:17:17 +01:00

22 lines
676 B
Markdown

# CVE-2022-46145
_Reported by [@sdimovv](https://github.com/sdimovv)_
## Unauthorized user creation and potential account takeover
### Impact
With the default flows, unauthenticated users can create new accounts in authentik. If a flow exists that allows for email-verified password recovery, this can be used to overwrite the email address of admin accounts and take over their accounts
### Patches
authentik 2022.11.2 and 2022.10.2 fix this issue, for other versions the workaround can be used.
### Workarounds
A policy can be created and bound to the `default-user-settings-flow` flow with the following contents
```python
return request.user.is_authenticated
```