S4E

CVE-2024-49757 Scanner

CVE-2024-49757 scanner - Authorization Bypass vulnerability in Zitadel

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 3 days

Scan only one

URL

Toolbox

-

Zitadel is an open-source identity infrastructure used by businesses and developers to handle user authentication and access control in web applications. It supports multi-tenant environments and provides both user and organizational authentication capabilities. The platform is implemented by developers to streamline user management, security, and identity verification processes across web and mobile applications. By centralizing identity management, Zitadel aims to improve security for applications needing reliable user authentication. Developers choose Zitadel for its flexibility, configurability, and secure access control mechanisms.

CVE-2024-49757 is an authorization bypass in Zitadel's login UI. When an organization disables user self-registration in its login policy, Zitadel only removes the registration button from the login page; the registration route itself keeps working, so anyone who knows or guesses the URL can still create an account. The flaw affects several older releases and has no known workaround other than upgrading to a patched version. Because the missing check is server-side, the bypass needs no client-side trick: a direct HTTP request is enough.

Concretely, the "User Registration allowed" setting was consulted only when rendering the login page, not by the handler behind /ui/login/register. Requesting that path directly (a GET to load the form, then the ordinary form POST) therefore sidesteps the restriction and creates a user in the affected organization, exactly as if registration had never been disabled. Versions before 2.64.0 are affected; fixes were released in 2.64.0, 2.63.5 and the other backport releases listed in the advisory. Any correct fix has to enforce the setting on the registration route itself rather than in the page that links to it, which is why hiding the button was never a control.
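To make the control and its bypass concrete, here is an added Go example, written for this page rather than taken from Zitadel's code base, that models the flawed pattern and the hardened form side by side and then runs the same direct-request probe a scanner for this issue performs. The policy struct, the HTML, the login route and the 403 response are assumptions chosen for illustration; only the path /ui/login/register comes from the advisory, and Zitadel's real handlers, templates and error pages differ.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

const registerPath = "/ui/login/register"

// LoginPolicy is a stand-in for the one setting this issue is about; it is
// not Zitadel's own policy type.
type LoginPolicy struct {
	AllowRegister bool
}

// registerForm is a constructed stand-in for the self-registration page.
const registerForm = `<form method="POST" action="` + registerPath + `"><input name="email"><input name="password"><button>Register</button></form>`

// loginPage hides the register link when the policy forbids registration.
func loginPage(p LoginPolicy) string {
	if p.AllowRegister {
		return `<h1>Login</h1><a href="` + registerPath + `">Register</a>`
	}
	return `<h1>Login</h1>`
}

// VulnerableLoginUI reproduces the flawed pattern: the setting is consulted
// only while rendering the login page; the register handler never checks it.
func VulnerableLoginUI(p LoginPolicy) http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/ui/login", func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, loginPage(p))
	})
	mux.HandleFunc(registerPath, func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, registerForm) // missing policy check
	})
	return mux
}

// HardenedLoginUI keeps the same routes but enforces the policy inside the
// register handler, for every HTTP method, before anything is rendered or saved.
func HardenedLoginUI(p LoginPolicy) http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/ui/login", func(w http.ResponseWriter, r *http.Request) {
		io.WriteString(w, loginPage(p))
	})
	mux.HandleFunc(registerPath, func(w http.ResponseWriter, r *http.Request) {
		if !p.AllowRegister {
			http.Error(w, "registration is disabled by the login policy", http.StatusForbidden)
			return
		}
		io.WriteString(w, registerForm)
	})
	return mux
}

// fetch returns status code and body of a plain GET request.
func fetch(url string) (int, string, error) {
	resp, err := http.Get(url)
	if err != nil {
		return 0, "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return resp.StatusCode, string(body), err
}

// LoginPageOffersRegister is what a UI-only check sees: does the login page
// link to registration at all?
func LoginPageOffersRegister(baseURL string) (bool, error) {
	_, body, err := fetch(baseURL + "/ui/login")
	return strings.Contains(body, `href="`+registerPath+`"`), err
}

// ProbeRegistration is the scanner's check: skip the login page and request the
// registration URL directly. True means 200 plus a form posting to that path.
func ProbeRegistration(baseURL string) (bool, error) {
	status, body, err := fetch(baseURL + registerPath)
	if err != nil || status != http.StatusOK {
		return false, err
	}
	return strings.Contains(body, `action="`+registerPath+`"`), nil
}

func main() {
	policy := LoginPolicy{AllowRegister: false} // "User Registration allowed" switched off
	for name, h := range map[string]http.Handler{"vulnerable": VulnerableLoginUI(policy), "hardened": HardenedLoginUI(policy)} {
		srv := httptest.NewServer(h)
		link, _ := LoginPageOffersRegister(srv.URL)
		open, _ := ProbeRegistration(srv.URL)
		fmt.Printf("%-10s register link on login page: %-5v  direct %s reachable: %v\n", name, link, registerPath, open)
		srv.Close()
	}
}
```

Run it with go run: both variants hide the register link, but only the vulnerable one still serves the form on a direct request, which is the whole finding. When checking a real deployment, a 200 on /ui/login/register is not proof by itself; compare the response with what the same instance returns for an organization where registration is allowed, and confirm by completing a registration only where you are authorized to do so, since that creates a real user.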

An attacker who registers through the bypass obtains a valid, authenticated identity in an organization that was meant to be invite-only or centrally managed. That does not by itself compromise existing accounts or Zitadel's administrative functions; the real damage depends on what the applications behind Zitadel grant to any authenticated user of that organization, and on any roles that are handed to new users automatically. For internal tools that simply trust "logged in via our IdP", that can mean direct access to sensitive data and functions, plus a foothold for further attacks such as phishing other members from a legitimate-looking account. Left unpatched, the issue turns a closed tenant into an open one.

With the S4E platform, you gain proactive security insights for your digital assets, helping prevent potential breaches and ensuring a secure digital environment. The platform provides automated vulnerability scanning and detailed analysis to assist you in mitigating risks before attackers exploit them. This scanner not only highlights the risks in Zitadel’s authorization settings but also suggests corrective measures, saving time and resources for your security team. Join the platform to stay ahead of security threats and continuously monitor the integrity of your applications.
