CVE-2024-47070
CVSS 3.1 Score 9 of 10 (high)
Details
Summary
CVE-2024-47070 is a vulnerability in authentik, an open-source identity provider. In versions prior to 2024.8.3 and 2024.6.5, an attacker can bypass password login by sending an X-Forwarded-For header containing an unparsable IP address, such as 'a'. This grants access to any account whose email address or login name is known. The bypass only works where the authentik instance trusts the X-Forwarded-For header; it is not reproducible from external hosts in a properly configured environment. The root cause is a misconfiguration of the policy bindings on the password and identification stages: the unvalidated X-Forwarded-For value raises an exception during policy evaluation, and because the default blueprint does not set `failure_result` to `True` on the policy binding, the policy evaluates to false and the password stage is skipped. Versions 2024.8.3 and 2024.6.5 fix the issue by handling the exception properly so that the password stage is not skipped.
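The following is an added, simplified model of the failure mode the summary describes; it is not authentik's own code, and every class, function and field name in it (`PolicyBinding`, `Stage`, `failure_result`, `trust_forwarded_for`, the `require-password` policy) is hypothetical and constructed for illustration. It shows how an exception raised while parsing a forwarded address collapses to the binding's `failure_result` (fail open when left at False, so the gated stage is skipped) and how two defensive settings, failing closed and not trusting the header at all, keep the password stage in place.

```python
"""Added example (not authentik's own code): a minimal policy-binding model
showing why an evaluation error must fail closed. All names are hypothetical."""

import ipaddress
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Union


@dataclass
class PolicyBinding:
    name: str
    policy: Callable[[Dict[str, str]], bool]
    # Value the binding takes when its policy raises. False (the default the
    # advisory describes) fails open: an error reads as "policy returned
    # False", so any stage gated on this binding is dropped from the flow.
    failure_result: bool = False


@dataclass
class Stage:
    name: str
    bindings: List[PolicyBinding] = field(default_factory=list)


def client_ip(request: Dict[str, str],
              trust_forwarded_for: bool) -> Union[ipaddress.IPv4Address, ipaddress.IPv6Address]:
    """Return the client address; honour X-Forwarded-For only when the
    deployment states that the header is set by a trusted reverse proxy."""
    raw = request["REMOTE_ADDR"]
    if trust_forwarded_for and "X-Forwarded-For" in request:
        raw = request["X-Forwarded-For"].split(",")[0].strip()
    # ipaddress.ip_address raises ValueError on an unparsable value such as 'a'.
    return ipaddress.ip_address(raw)


def evaluate_binding(binding: PolicyBinding, request: Dict[str, str]) -> bool:
    try:
        return bool(binding.policy(request))
    except Exception:
        # The defect: an evaluation error is silently turned into failure_result.
        return binding.failure_result


def stage_included(stage: Stage, request: Dict[str, str]) -> bool:
    """A stage stays in the flow only if every binding on it evaluates True."""
    return all(evaluate_binding(b, request) for b in stage.bindings)


def build_password_stage(failure_result: bool, trust_forwarded_for: bool) -> Stage:
    def require_password(request: Dict[str, str]) -> bool:
        # Hypothetical policy: always require the password stage, but it
        # resolves the client IP first (for logging or rate limiting), which
        # is where an unparsable forwarded address raises.
        client_ip(request, trust_forwarded_for)
        return True

    return Stage(
        name="password",
        bindings=[PolicyBinding("require-password", require_password, failure_result)],
    )


def password_stage_runs(request: Dict[str, str],
                        failure_result: bool = False,
                        trust_forwarded_for: bool = True) -> bool:
    """True if the password stage would still be part of the login flow."""
    stage = build_password_stage(failure_result, trust_forwarded_for)
    return stage_included(stage, request)


# Constructed sample requests: a normal one and one carrying the unparsable
# forwarded address from the advisory.
NORMAL = {"REMOTE_ADDR": "203.0.113.10", "X-Forwarded-For": "198.51.100.7"}
GARBAGE = {"REMOTE_ADDR": "203.0.113.10", "X-Forwarded-For": "a"}

if __name__ == "__main__":
    print("default binding, normal request:     ", password_stage_runs(NORMAL))
    print("default binding, garbage header:     ", password_stage_runs(GARBAGE))
    print("failure_result=True, garbage header: ",
          password_stage_runs(GARBAGE, failure_result=True))
    print("header untrusted, garbage header:    ",
          password_stage_runs(GARBAGE, trust_forwarded_for=False))
```

With the binding left at its default, the garbage header makes the password stage disappear from the flow; setting `failure_result` to `True` keeps the stage even when the policy errors, and refusing to trust `X-Forwarded-For` from unknown sources removes the error entirely. Both controls together match the advisory's point that the issue is only reachable where the instance trusts the header.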