// For flags

CVE-2023-50708

yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 `state` and OpenID Connect `nonce` is vulnerable for a `timing attack` since it is compared via regular string comparison (instead of `Yii::$app->getSecurity()->compareString()`). Version 2.2.15 contains a patch for the issue. No known workarounds are available.

yii2-authclient es una extensión que agrega consumidores OpenID, OAuth, OAuth2 y OpenId Connect para el framework Yii 2.0. En yii2-authclient antes de la versión 2.2.15, el `state` de Oauth1/2 y el `nonce` de OpenID Connect son vulnerables a un `ataque de sincronización` ya que se compara mediante una comparación de cadenas regular (en lugar de `Yii::$app- >getSecurity()->compareString()`). La versión 2.2.15 contiene un parche para el problema. No hay workarounds disponibles.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
None
Integrity
High
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-12-11 CVE Reserved
  • 2023-12-22 CVE Published
  • 2024-01-09 EPSS Updated
  • 2024-08-02 CVE Updated
  • 2024-08-02 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-203: Observable Discrepancy
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Yiiframework
Search vendor "Yiiframework"
 Yii2-authclient
Search vendor "Yiiframework" for product "Yii2-authclient"
 < 2.2.15
Search vendor "Yiiframework" for product "Yii2-authclient" and version " < 2.2.15"
-
Affected