OAuth Token Abuse in Quay Enables Unauthorized App Auth
CVE-2024-5891 Published on June 12, 2024

Quay: unauthorized user may authenticate via oauth application token
A vulnerability was found in Quay. If an attacker can obtain the client ID for an application, they can use an OAuth token to authenticate despite not having access to the organization from which the application was created. This issue is limited to authentication and not authorization. However, in configurations where endpoints rely only on authentication, a user may authenticate to applications they otherwise have no access to.

NVD

Vulnerability Analysis

CVE-2024-5891 can be exploited with network access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
LOW
Availability Impact:
NONE

Timeline

Reported to Red Hat.

Made public. 13 days later.

Weakness Type

CWE-1390

Products Associated with CVE-2024-5891

Want to know whenever a new CVE is published for Red Hat Quay? stack.watch will email you.

Red Hat Quay
 

Affected Versions

Red Hat Quay 3:

Exploit Probability

EPSS
0.12%
Percentile
30.38%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.