CVE-2024-34708 — Sensitive Information Exposure in Directus

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.3%

top 44.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Directus Monospace Directus

Timeline

Latest updateMay 13

PublishedMay 14

Description

Directus is a real-time API and App dashboard for managing SQL database content. A user with permission to view any collection using redacted hashed fields can get access the raw stored version using the `alias` functionality on the API. Normally, these redacted fields will return `**********` however if we change the request to `?alias[workaround]=redacted` we can instead retrieve the plain text value for the field. This can be avoided by removing permission to view the sensitive fields entirel…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5directus/directus< 10.11.0

▶npmdirectus/directus< 10.11.0

▶NVDmonospace/directus< 10.11.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

Directus allows redacted data extraction on the API through "alias"↗2024-05-13

▶

OSV

Directus allows redacted data extraction on the API through "alias"↗2024-05-13

▶