CVE-2024-52287

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-52287
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52287.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-52287
Aliases
  • GHSA-v6m7-8j37-8f4v
Published
2024-11-21T17:23:40.640Z
Modified
2025-12-05T05:57:24.059956Z
Severity
  • 6.4 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H CVSS Calculator
Summary
authentik performs insufficient validation of OAuth scopes
Details

authentik is an open-source identity provider. When using the clientcredentials or devicecode OAuth grants, it was possible for an attacker to get a token from authentik with scopes that haven't been configured in authentik. authentik 2024.8.5 and 2024.10.3 fix this issue.

Database specific 
{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/52xxx/CVE-2024-52287.json",
    "cwe_ids": [
        "CWE-285"
    ]
}
References

Affected packages

Git / github.com/goauthentik/authentik

Affected ranges

Type
GIT
Repo
https://github.com/goauthentik/authentik
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c99a33baeefad46454d8bbd7ac263bb633598e4e
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2024.8.5"
        }
    ]
}
Type
GIT
Repo
https://github.com/goauthentik/authentik
Events
Introduced
246cae3dfaa6cc1895a691b7a7d0af1d8b851541
Fixed
a9776a83d38850da3b2212efa9485a73b46e512f
Database specific 
{
    "versions": [
        {
            "introduced": "2024.10.0-rc1"
        },
        {
            "fixed": "2024.10.3"
        }
    ]
}

Affected versions

version/0.*
version/0.0.10-alpha
version/0.0.11-alpha
version/0.0.12-alpha
version/0.0.13-alpha
version/0.0.2-alpha
version/0.0.3-alpha
version/0.0.4-alpha
version/0.0.5-alpha
version/0.0.6-alpha
version/0.0.7-alpha
version/0.0.8-alpha
version/0.0.9-alpha
version/0.1.0-beta
version/0.1.1-beta
version/0.1.10-beta
version/0.1.11-beta
version/0.1.12-beta
version/0.1.13-beta
version/0.1.14-beta
version/0.1.15-beta
version/0.1.16-beta
version/0.1.17-beta
version/0.1.18-beta
version/0.1.19-beta
version/0.1.2-beta
version/0.1.20-beta
version/0.1.21-beta
version/0.1.22-beta
version/0.1.23-beta
version/0.1.24-beta
version/0.1.25-beta
version/0.1.26-beta
version/0.1.27-beta
version/0.1.28-beta
version/0.1.29-beta
version/0.1.3-beta
version/0.1.30-beta
version/0.1.31-beta
version/0.1.32-beta
version/0.1.33-beta
version/0.1.34-beta
version/0.1.35-beta
version/0.1.36-beta
version/0.1.37-beta
version/0.1.38-beta
version/0.1.4-beta
version/0.1.5-beta
version/0.1.6-beta
version/0.1.7-beta
version/0.1.8-beta
version/0.1.9-beta
version/0.10.0-rc1
version/0.10.0-rc2
version/0.10.0-rc3
version/0.10.0-rc4
version/0.10.0-rc5
version/0.10.0-rc6
version/0.10.0-stable
version/0.10.1-stable
version/0.10.2-stable
version/0.10.3-stable
version/0.10.4-stable
version/0.10.5-stable
version/0.10.6-stable
version/0.10.7-stable
version/0.10.8-stable
version/0.10.9-stable
version/0.11.0-stable
version/0.12.0-stable
version/0.12.1-stable
version/0.12.10-stable
version/0.12.11-stable
version/0.12.2-stable
version/0.12.3-stable
version/0.12.4-stable
version/0.12.5-stable
version/0.12.6-stable
version/0.12.7-stable
version/0.12.8-stable
version/0.12.9-stable
version/0.13.0-rc1
version/0.13.0-rc2
version/0.13.0-rc3
version/0.13.0-rc4
version/0.13.0-stable
version/0.13.1-stable
version/0.13.2-stable
version/0.13.3-stable
version/0.2.0-beta
version/0.2.1-beta
version/0.2.2-beta
version/0.2.3-beta
version/0.2.4-beta
version/0.2.5-beta
version/0.2.6-beta
version/0.2.7-beta
version/0.2.8-beta
version/0.3.0-beta
version/0.4.0-beta
version/0.4.1-beta
version/0.4.2-beta
version/0.5.0-beta
version/0.6.0-beta
version/0.6.1-beta
version/0.6.10-beta
version/0.6.11-beta
version/0.6.2-beta
version/0.6.3-beta
version/0.6.4-beta
version/0.6.5-beta
version/0.6.6-beta
version/0.6.7-beta
version/0.6.8-beta
version/0.6.9-beta
version/0.7.0-beta
version/0.7.1-beta
version/0.7.10-beta
version/0.7.11-beta
version/0.7.12-beta
version/0.7.13-beta
version/0.7.14-beta
version/0.7.15-beta
version/0.7.16-beta
version/0.7.17-beta
version/0.7.2-beta
version/0.7.3-beta
version/0.7.4-beta
version/0.7.5-beta
version/0.7.6-beta
version/0.7.7-beta
version/0.7.8-beta
version/0.7.9-beta
version/0.8.0-beta
version/0.8.1-beta
version/0.8.10-beta
version/0.8.11-beta
version/0.8.12-beta
version/0.8.14-beta
version/0.8.15-beta
version/0.8.2-beta
version/0.8.3-beta
version/0.8.4-beta
version/0.8.5-beta
version/0.8.6-beta
version/0.8.7-beta
version/0.8.8-beta
version/0.8.9-beta
version/0.9.0-pre1
version/0.9.0-pre2
version/0.9.0-pre3
version/0.9.0-pre4
version/0.9.0-pre5
version/0.9.0-pre6
version/0.9.0-pre7
version/0.9.0-rc1
version/0.9.0-rc2
version/0.9.0-stable
version/2021.*
version/2021.1.1-rc1
version/2021.1.1-rc2
version/2021.1.1-stable
version/2021.1.2-stable
version/2021.1.3-stable
version/2021.1.4-stable
version/2021.10.1
version/2021.10.1-rc1
version/2021.10.1-rc2
version/2021.10.1-rc3
version/2021.10.2
version/2021.10.3
version/2021.10.4
version/2021.12.1
version/2021.12.1-rc1
version/2021.12.1-rc2
version/2021.12.1-rc3
version/2021.12.1-rc4
version/2021.12.1-rc5
version/2021.12.2
version/2021.12.3
version/2021.12.4
version/2021.12.5
version/2021.2.1-rc1
version/2021.2.1-rc2
version/2021.2.1-stable
version/2021.2.2-stable
version/2021.2.3-stable
version/2021.2.4-stable
version/2021.2.5-stable
version/2021.2.6-stable
version/2021.3.1
version/2021.3.1-rc1
version/2021.3.1-rc2
version/2021.3.2
version/2021.3.3
version/2021.3.4
version/2021.4.1
version/2021.4.1-rc1
version/2021.4.1-rc2
version/2021.4.2
version/2021.4.3
version/2021.4.4
version/2021.4.5
version/2021.5.1
version/2021.5.1-rc1
version/2021.5.1-rc10
version/2021.5.1-rc2
version/2021.5.1-rc3
version/2021.5.1-rc4
version/2021.5.1-rc5
version/2021.5.1-rc6
version/2021.5.1-rc7
version/2021.5.1-rc8
version/2021.5.1-rc9
version/2021.5.2
version/2021.5.3
version/2021.5.4
version/2021.6.1
version/2021.6.1-rc1
version/2021.6.1-rc2
version/2021.6.1-rc3
version/2021.6.1-rc4
version/2021.6.1-rc5
version/2021.6.1-rc6
version/2021.6.2
version/2021.6.3
version/2021.6.4
version/2021.7.1
version/2021.7.1-rc1
version/2021.7.1-rc2
version/2021.7.2
version/2021.7.3
version/2021.8.1
version/2021.8.1-rc1
version/2021.8.1-rc2
version/2021.8.2
version/2021.8.3
version/2021.8.4
version/2021.9.1
version/2021.9.1-rc1
version/2021.9.1-rc2
version/2021.9.1-rc3
version/2021.9.2
version/2021.9.3
version/2021.9.4
version/2021.9.5
version/2021.9.6
version/2021.9.7
version/2021.9.8
version/2022.*
version/2022.1.1
version/2022.1.2
version/2022.1.3
version/2022.1.4
version/2022.1.5
version/2022.10.0
version/2022.10.1
version/2022.11.0
version/2022.11.1
version/2022.11.2
version/2022.11.3
version/2022.11.4
version/2022.12.0
version/2022.12.1
version/2022.12.2
version/2022.2.1
version/2022.3.1
version/2022.3.2
version/2022.3.3
version/2022.4.1
version/2022.5.1
version/2022.5.2
version/2022.5.3
version/2022.6.1
version/2022.6.2
version/2022.6.3
version/2022.7.1
version/2022.7.2
version/2022.7.3
version/2022.8.1
version/2022.8.2
version/2022.9.0
version/2023.*
version/2023.1.0
version/2023.1.1
version/2023.1.2
version/2023.10.0
version/2023.10.1
version/2023.10.2
version/2023.2.0
version/2023.2.1
version/2023.2.2
version/2023.5.0
version/2023.5.1
version/2023.5.2
version/2023.5.3
version/2023.6.0
version/2023.6.1
version/2023.8.0
version/2023.8.1
version/2023.8.2
version/2023.8.3
version/2024.*
version/2024.10.0
version/2024.10.0-rc1
version/2024.10.1
version/2024.10.2
version/2024.6.0
version/2024.6.0-rc1
version/2024.6.0-rc2
version/2024.8.0
version/2024.8.0-rc1
version/2024.8.0-rc2
version/2024.8.1
version/2024.8.2
version/2024.8.3
version/2024.8.4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52287.json"