Vulnerability Details CVE-2020-10187
Doorkeeper version 5.0.0 and later contains an information disclosure vulnerability that allows an attacker to retrieve the client secret only intended for the OAuth application owner. After authorizing the application and allowing access, the attacker simply needs to request the list of their authorized applications in a JSON format (usually GET /oauth/authorized_applications.json). An application is vulnerable if the authorized applications controller is enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 4.3
References
- https://github.com/doorkeeper-gem/doorkeeper/commit/25d038022c2fcad45af5b73f9d003cf38ff491f6
- https://github.com/doorkeeper-gem/doorkeeper/releases
- https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-j7vx-8mqj-cqp9
- https://github.com/rubysec/ruby-advisory-db/pull/446
- https://github.com/doorkeeper-gem/doorkeeper/commit/25d038022c2fcad45af5b73f9d003cf38ff491f6
- https://github.com/doorkeeper-gem/doorkeeper/releases
- https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-j7vx-8mqj-cqp9
- https://github.com/rubysec/ruby-advisory-db/pull/446
Products affected by CVE-2020-10187
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.0.0
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.0.1
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.0.2
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.1.0
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.2.0
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.2.1
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.2.2
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.2.3
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.2.4
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.3.0
-
cpe:2.3:a:doorkeeper_project:doorkeeper:5.3.1