CVE-2024-39896 — Sensitive Information Exposure in Directus

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.5%

top 32.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Monospace Directus Directus

Timeline

PublishedJul 8

Description

Directus is a real-time API and App dashboard for managing SQL database content. When relying on SSO providers in combination with local authentication it can be possible to enumerate existing SSO users in the instance. This is possible because if an email address exists in Directus and belongs to a known SSO provider then it will throw a "helpful" error that the user belongs to another provider. This vulnerability is fixed in 10.13.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶npmdirectus/directus9.11 — 10.13.0

▶NVDmonospace/directus< 10.13.0

▶CVEListV5directus/directus>= 9.11, < 10.13.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Directus Allows Single Sign-On User Enumeration↗2024-07-08

▶

GHSA

Directus Allows Single Sign-On User Enumeration↗2024-07-08

▶