Vulnerability identifier: #VU64723
Vulnerability risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-295
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Parse Server
Web applications /
Modules and components for CMS
Vendor: Parse Community
Description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to missing certificate validation in Apple Game Center auth adapter. A remote attacker can issue a fake certificate accessible via certain Apple domains, provide the URL to that certificate in an authData object and bypass authentication.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Parse Server: 4.0.0 - 4.10.10
External links
http://developer.apple.com/news/?id=stttq465
http://github.com/parse-community/parse-server/security/advisories/GHSA-rh9j-f5f8-rvgc
http://github.com/parse-community/parse-server/pull/8054
http://github.com/parse-community/parse-server/commit/ba2b0a9cb9a568817a114b132a4c2e0911d76df1
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.