The renowned OpenID Connect (OIDC) identity service, Dex has detected and patched a critical vulnerability. The bug allows a threat actor access to the victim’s ID tokens via intercepted authorization code, potentially accessing clients’ applications without authorization. The vulnerability was patched by Sigstore developers Hayden Blauzvern, Bob Callaway, and ‘joernchen’, who initially reported the bug.
The open-source sandbox project of Cloud Native Computing Foundation, Dex utilizes an identification layer on top of OAuth 2.0, providing authentication to other applications.
Dex acts as a portal to other identity providers through certain ‘connectors’, ranging from authentication to LDAP servers, SAML providers, or identity providers like GitHub, Google, and Active Directory. As a result, Dex claims 35.6 million downloads to date. As stated in the Developer’s notification, the bug affects “Dex instances with the public clients (and by extension, clients accepting tokens issued by those Dex instances.”
As per the discovery made by security researchers, the threat actor can steal an OAuth authentication code by luring the victim to enter a malicious website and further, leading him into the OIDC flow. Thence the victim is tricked into exchanging the authorization code for a token, which allows access to applications that accept the token. As the exploit can be used
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: