CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-45596

Directus is a real-time API and App dashboard for managing SQL database content. An unauthenticated user can access credentials of last authenticated user via OpenID or OAuth2 where the authentication URL did not include redirect query string. This happens because on that endpoint for both OpenId and Oauth2 Directus is using the respond middleware, which by default will try to cache GET requests that met some conditions. Although, those conditions do not include this scenario, when an unauthenticated request returns user credentials. This vulnerability is fixed in 10.13.3 and 11.1.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 61.4%

CVSS Severity

CVSS v3 Score 7.4

References

Products affected by CVE-2024-45596

Monospace » Directus » Version: N/A

cpe:2.3:a:monospace:directus:-
Monospace » Directus » Version: 10.0.0

cpe:2.3:a:monospace:directus:10.0.0
Monospace » Directus » Version: 10.1.0

cpe:2.3:a:monospace:directus:10.1.0
Monospace » Directus » Version: 10.1.1

cpe:2.3:a:monospace:directus:10.1.1
Monospace » Directus » Version: 10.10.0

cpe:2.3:a:monospace:directus:10.10.0
Monospace » Directus » Version: 10.10.1

cpe:2.3:a:monospace:directus:10.10.1
Monospace » Directus » Version: 10.10.2

cpe:2.3:a:monospace:directus:10.10.2
Monospace » Directus » Version: 10.10.3

cpe:2.3:a:monospace:directus:10.10.3
Monospace » Directus » Version: 10.10.4

cpe:2.3:a:monospace:directus:10.10.4
Monospace » Directus » Version: 10.10.5

cpe:2.3:a:monospace:directus:10.10.5
Monospace » Directus » Version: 10.10.6

cpe:2.3:a:monospace:directus:10.10.6
Monospace » Directus » Version: 10.10.7

cpe:2.3:a:monospace:directus:10.10.7
Monospace » Directus » Version: 10.11.0

cpe:2.3:a:monospace:directus:10.11.0
Monospace » Directus » Version: 10.11.1

cpe:2.3:a:monospace:directus:10.11.1
Monospace » Directus » Version: 10.11.2

cpe:2.3:a:monospace:directus:10.11.2
Monospace » Directus » Version: 10.12.0

cpe:2.3:a:monospace:directus:10.12.0
Monospace » Directus » Version: 10.12.1

cpe:2.3:a:monospace:directus:10.12.1
Monospace » Directus » Version: 10.13.0

cpe:2.3:a:monospace:directus:10.13.0
Monospace » Directus » Version: 10.13.1

cpe:2.3:a:monospace:directus:10.13.1
Monospace » Directus » Version: 10.13.2

cpe:2.3:a:monospace:directus:10.13.2
Monospace » Directus » Version: 10.2.0

cpe:2.3:a:monospace:directus:10.2.0
Monospace » Directus » Version: 10.2.1

cpe:2.3:a:monospace:directus:10.2.1
Monospace » Directus » Version: 10.3.0

cpe:2.3:a:monospace:directus:10.3.0
Monospace » Directus » Version: 10.4.0

cpe:2.3:a:monospace:directus:10.4.0
Monospace » Directus » Version: 10.4.2

cpe:2.3:a:monospace:directus:10.4.2
Monospace » Directus » Version: 10.4.3

cpe:2.3:a:monospace:directus:10.4.3
Monospace » Directus » Version: 10.5.0

cpe:2.3:a:monospace:directus:10.5.0
Monospace » Directus » Version: 10.5.1

cpe:2.3:a:monospace:directus:10.5.1
Monospace » Directus » Version: 10.5.2

cpe:2.3:a:monospace:directus:10.5.2
Monospace » Directus » Version: 10.5.3

cpe:2.3:a:monospace:directus:10.5.3
Monospace » Directus » Version: 10.6.1

cpe:2.3:a:monospace:directus:10.6.1
Monospace » Directus » Version: 10.6.2

cpe:2.3:a:monospace:directus:10.6.2
Monospace » Directus » Version: 10.6.3

cpe:2.3:a:monospace:directus:10.6.3
Monospace » Directus » Version: 10.6.4

cpe:2.3:a:monospace:directus:10.6.4
Monospace » Directus » Version: 10.7.0

cpe:2.3:a:monospace:directus:10.7.0
Monospace » Directus » Version: 10.7.1

cpe:2.3:a:monospace:directus:10.7.1
Monospace » Directus » Version: 10.7.2

cpe:2.3:a:monospace:directus:10.7.2
Monospace » Directus » Version: 10.8.0

cpe:2.3:a:monospace:directus:10.8.0
Monospace » Directus » Version: 10.8.1

cpe:2.3:a:monospace:directus:10.8.1
Monospace » Directus » Version: 10.8.2

cpe:2.3:a:monospace:directus:10.8.2
Monospace » Directus » Version: 10.8.3

cpe:2.3:a:monospace:directus:10.8.3
Monospace » Directus » Version: 10.9.0

cpe:2.3:a:monospace:directus:10.9.0
Monospace » Directus » Version: 10.9.1

cpe:2.3:a:monospace:directus:10.9.1
Monospace » Directus » Version: 10.9.2

cpe:2.3:a:monospace:directus:10.9.2
Monospace » Directus » Version: 10.9.3

cpe:2.3:a:monospace:directus:10.9.3
Monospace » Directus » Version: 11.0.0

cpe:2.3:a:monospace:directus:11.0.0
Monospace » Directus » Version: 11.0.1

cpe:2.3:a:monospace:directus:11.0.1
Monospace » Directus » Version: 11.0.2

cpe:2.3:a:monospace:directus:11.0.2
Monospace » Directus » Version: 6.0.5

cpe:2.3:a:monospace:directus:6.0.5
Monospace » Directus » Version: 6.0.6

cpe:2.3:a:monospace:directus:6.0.6
Monospace » Directus » Version: 6.0.7

cpe:2.3:a:monospace:directus:6.0.7
Monospace » Directus » Version: 6.1.0

cpe:2.3:a:monospace:directus:6.1.0
Monospace » Directus » Version: 6.1.1

cpe:2.3:a:monospace:directus:6.1.1
Monospace » Directus » Version: 6.2.0

cpe:2.3:a:monospace:directus:6.2.0
Monospace » Directus » Version: 6.2.1

cpe:2.3:a:monospace:directus:6.2.1
Monospace » Directus » Version: 6.2.2

cpe:2.3:a:monospace:directus:6.2.2
Monospace » Directus » Version: 6.2.3

cpe:2.3:a:monospace:directus:6.2.3
Monospace » Directus » Version: 6.2.4

cpe:2.3:a:monospace:directus:6.2.4
Monospace » Directus » Version: 6.2.5

cpe:2.3:a:monospace:directus:6.2.5
Monospace » Directus » Version: 6.2.6

cpe:2.3:a:monospace:directus:6.2.6
Monospace » Directus » Version: 6.2.7

cpe:2.3:a:monospace:directus:6.2.7
Monospace » Directus » Version: 6.2.8

cpe:2.3:a:monospace:directus:6.2.8
Monospace » Directus » Version: 6.3.0

cpe:2.3:a:monospace:directus:6.3.0
Monospace » Directus » Version: 6.3.1

cpe:2.3:a:monospace:directus:6.3.1
Monospace » Directus » Version: 6.3.2

cpe:2.3:a:monospace:directus:6.3.2
Monospace » Directus » Version: 6.3.3

cpe:2.3:a:monospace:directus:6.3.3
Monospace » Directus » Version: 6.3.4

cpe:2.3:a:monospace:directus:6.3.4
Monospace » Directus » Version: 6.3.5

cpe:2.3:a:monospace:directus:6.3.5
Monospace » Directus » Version: 6.3.6

cpe:2.3:a:monospace:directus:6.3.6
Monospace » Directus » Version: 6.3.7

cpe:2.3:a:monospace:directus:6.3.7
Monospace » Directus » Version: 6.3.8

cpe:2.3:a:monospace:directus:6.3.8
Monospace » Directus » Version: 6.3.9

cpe:2.3:a:monospace:directus:6.3.9
Monospace » Directus » Version: 6.4.0

cpe:2.3:a:monospace:directus:6.4.0
Monospace » Directus » Version: 6.4.1

cpe:2.3:a:monospace:directus:6.4.1
Monospace » Directus » Version: 6.4.2

cpe:2.3:a:monospace:directus:6.4.2
Monospace » Directus » Version: 6.4.3

cpe:2.3:a:monospace:directus:6.4.3
Monospace » Directus » Version: 6.4.4

cpe:2.3:a:monospace:directus:6.4.4
Monospace » Directus » Version: 6.4.5

cpe:2.3:a:monospace:directus:6.4.5
Monospace » Directus » Version: 6.4.6

cpe:2.3:a:monospace:directus:6.4.6
Monospace » Directus » Version: 6.4.7

cpe:2.3:a:monospace:directus:6.4.7
Monospace » Directus » Version: 6.4.8

cpe:2.3:a:monospace:directus:6.4.8
Monospace » Directus » Version: 6.4.9

cpe:2.3:a:monospace:directus:6.4.9
Monospace » Directus » Version: 7.0.0

cpe:2.3:a:monospace:directus:7.0.0
Monospace » Directus » Version: 7.0.1

cpe:2.3:a:monospace:directus:7.0.1
Monospace » Directus » Version: 7.0.10

cpe:2.3:a:monospace:directus:7.0.10
Monospace » Directus » Version: 7.0.11

cpe:2.3:a:monospace:directus:7.0.11
Monospace » Directus » Version: 7.0.12

cpe:2.3:a:monospace:directus:7.0.12
Monospace » Directus » Version: 7.0.13

cpe:2.3:a:monospace:directus:7.0.13
Monospace » Directus » Version: 7.0.14

cpe:2.3:a:monospace:directus:7.0.14
Monospace » Directus » Version: 7.0.15

cpe:2.3:a:monospace:directus:7.0.15
Monospace » Directus » Version: 7.0.16

cpe:2.3:a:monospace:directus:7.0.16
Monospace » Directus » Version: 7.0.17

cpe:2.3:a:monospace:directus:7.0.17
Monospace » Directus » Version: 7.0.18

cpe:2.3:a:monospace:directus:7.0.18
Monospace » Directus » Version: 7.0.19

cpe:2.3:a:monospace:directus:7.0.19
Monospace » Directus » Version: 7.0.2

cpe:2.3:a:monospace:directus:7.0.2
Monospace » Directus » Version: 7.0.3

cpe:2.3:a:monospace:directus:7.0.3
Monospace » Directus » Version: 7.0.4

cpe:2.3:a:monospace:directus:7.0.4
Monospace » Directus » Version: 7.0.5

cpe:2.3:a:monospace:directus:7.0.5
Monospace » Directus » Version: 7.0.6

cpe:2.3:a:monospace:directus:7.0.6
Monospace » Directus » Version: 7.0.7

cpe:2.3:a:monospace:directus:7.0.7
Monospace » Directus » Version: 7.0.8

cpe:2.3:a:monospace:directus:7.0.8
Monospace » Directus » Version: 7.0.9

cpe:2.3:a:monospace:directus:7.0.9
Monospace » Directus » Version: 7.1.0

cpe:2.3:a:monospace:directus:7.1.0
Monospace » Directus » Version: 7.10.0

cpe:2.3:a:monospace:directus:7.10.0
Monospace » Directus » Version: 7.11.0

cpe:2.3:a:monospace:directus:7.11.0
Monospace » Directus » Version: 7.2.0

cpe:2.3:a:monospace:directus:7.2.0
Monospace » Directus » Version: 7.3.0

cpe:2.3:a:monospace:directus:7.3.0
Monospace » Directus » Version: 7.3.1

cpe:2.3:a:monospace:directus:7.3.1
Monospace » Directus » Version: 7.4.0

cpe:2.3:a:monospace:directus:7.4.0
Monospace » Directus » Version: 7.5.0

cpe:2.3:a:monospace:directus:7.5.0
Monospace » Directus » Version: 7.6.0

cpe:2.3:a:monospace:directus:7.6.0
Monospace » Directus » Version: 7.6.1

cpe:2.3:a:monospace:directus:7.6.1
Monospace » Directus » Version: 7.6.2

cpe:2.3:a:monospace:directus:7.6.2
Monospace » Directus » Version: 7.7.0

cpe:2.3:a:monospace:directus:7.7.0
Monospace » Directus » Version: 7.8.0

cpe:2.3:a:monospace:directus:7.8.0
Monospace » Directus » Version: 7.9.0

cpe:2.3:a:monospace:directus:7.9.0
Monospace » Directus » Version: 8.0.0

cpe:2.3:a:monospace:directus:8.0.0
Monospace » Directus » Version: 8.0.1

cpe:2.3:a:monospace:directus:8.0.1
Monospace » Directus » Version: 8.0.2

cpe:2.3:a:monospace:directus:8.0.2
Monospace » Directus » Version: 8.1.0

cpe:2.3:a:monospace:directus:8.1.0
Monospace » Directus » Version: 8.2.0

cpe:2.3:a:monospace:directus:8.2.0
Monospace » Directus » Version: 8.3.0

cpe:2.3:a:monospace:directus:8.3.0
Monospace » Directus » Version: 8.3.1

cpe:2.3:a:monospace:directus:8.3.1
Monospace » Directus » Version: 8.4.0

cpe:2.3:a:monospace:directus:8.4.0
Monospace » Directus » Version: 8.5.0

cpe:2.3:a:monospace:directus:8.5.0
Monospace » Directus » Version: 8.5.1

cpe:2.3:a:monospace:directus:8.5.1
Monospace » Directus » Version: 8.5.2

cpe:2.3:a:monospace:directus:8.5.2
Monospace » Directus » Version: 8.5.3

cpe:2.3:a:monospace:directus:8.5.3
Monospace » Directus » Version: 8.5.4

cpe:2.3:a:monospace:directus:8.5.4
Monospace » Directus » Version: 8.5.5

cpe:2.3:a:monospace:directus:8.5.5
Monospace » Directus » Version: 8.6.0

cpe:2.3:a:monospace:directus:8.6.0
Monospace » Directus » Version: 8.6.1

cpe:2.3:a:monospace:directus:8.6.1
Monospace » Directus » Version: 8.6.2

cpe:2.3:a:monospace:directus:8.6.2
Monospace » Directus » Version: 8.7.0

cpe:2.3:a:monospace:directus:8.7.0
Monospace » Directus » Version: 8.7.1

cpe:2.3:a:monospace:directus:8.7.1
Monospace » Directus » Version: 8.7.2

cpe:2.3:a:monospace:directus:8.7.2
Monospace » Directus » Version: 8.8.0

cpe:2.3:a:monospace:directus:8.8.0
Monospace » Directus » Version: 8.8.1

cpe:2.3:a:monospace:directus:8.8.1
Monospace » Directus » Version: 8.8.2

cpe:2.3:a:monospace:directus:8.8.2
Monospace » Directus » Version: 9.0.0

cpe:2.3:a:monospace:directus:9.0.0
Monospace » Directus » Version: 9.0.1

cpe:2.3:a:monospace:directus:9.0.1
Monospace » Directus » Version: 9.1.0

cpe:2.3:a:monospace:directus:9.1.0
Monospace » Directus » Version: 9.1.1

cpe:2.3:a:monospace:directus:9.1.1
Monospace » Directus » Version: 9.1.2

cpe:2.3:a:monospace:directus:9.1.2
Monospace » Directus » Version: 9.10.0

cpe:2.3:a:monospace:directus:9.10.0
Monospace » Directus » Version: 9.11.0

cpe:2.3:a:monospace:directus:9.11.0
Monospace » Directus » Version: 9.11.1

cpe:2.3:a:monospace:directus:9.11.1
Monospace » Directus » Version: 9.12.0

cpe:2.3:a:monospace:directus:9.12.0
Monospace » Directus » Version: 9.12.1

cpe:2.3:a:monospace:directus:9.12.1
Monospace » Directus » Version: 9.12.2

cpe:2.3:a:monospace:directus:9.12.2
Monospace » Directus » Version: 9.13.0

cpe:2.3:a:monospace:directus:9.13.0
Monospace » Directus » Version: 9.14.0

cpe:2.3:a:monospace:directus:9.14.0
Monospace » Directus » Version: 9.14.1

cpe:2.3:a:monospace:directus:9.14.1
Monospace » Directus » Version: 9.14.2

cpe:2.3:a:monospace:directus:9.14.2
Monospace » Directus » Version: 9.14.3

cpe:2.3:a:monospace:directus:9.14.3
Monospace » Directus » Version: 9.14.4

cpe:2.3:a:monospace:directus:9.14.4
Monospace » Directus » Version: 9.14.5

cpe:2.3:a:monospace:directus:9.14.5
Monospace » Directus » Version: 9.15.0

cpe:2.3:a:monospace:directus:9.15.0
Monospace » Directus » Version: 9.15.1

cpe:2.3:a:monospace:directus:9.15.1
Monospace » Directus » Version: 9.16.0

cpe:2.3:a:monospace:directus:9.16.0
Monospace » Directus » Version: 9.16.1

cpe:2.3:a:monospace:directus:9.16.1
Monospace » Directus » Version: 9.17.0

cpe:2.3:a:monospace:directus:9.17.0
Monospace » Directus » Version: 9.17.1

cpe:2.3:a:monospace:directus:9.17.1
Monospace » Directus » Version: 9.17.2

cpe:2.3:a:monospace:directus:9.17.2
Monospace » Directus » Version: 9.17.3

cpe:2.3:a:monospace:directus:9.17.3
Monospace » Directus » Version: 9.17.4

cpe:2.3:a:monospace:directus:9.17.4
Monospace » Directus » Version: 9.18.0

cpe:2.3:a:monospace:directus:9.18.0
Monospace » Directus » Version: 9.18.1

cpe:2.3:a:monospace:directus:9.18.1
Monospace » Directus » Version: 9.19.0

cpe:2.3:a:monospace:directus:9.19.0
Monospace » Directus » Version: 9.19.1

cpe:2.3:a:monospace:directus:9.19.1
Monospace » Directus » Version: 9.19.2

cpe:2.3:a:monospace:directus:9.19.2
Monospace » Directus » Version: 9.2.0

cpe:2.3:a:monospace:directus:9.2.0
Monospace » Directus » Version: 9.2.1

cpe:2.3:a:monospace:directus:9.2.1
Monospace » Directus » Version: 9.2.2

cpe:2.3:a:monospace:directus:9.2.2
Monospace » Directus » Version: 9.20.0

cpe:2.3:a:monospace:directus:9.20.0
Monospace » Directus » Version: 9.20.1

cpe:2.3:a:monospace:directus:9.20.1
Monospace » Directus » Version: 9.20.2

cpe:2.3:a:monospace:directus:9.20.2
Monospace » Directus » Version: 9.20.3

cpe:2.3:a:monospace:directus:9.20.3
Monospace » Directus » Version: 9.20.4

cpe:2.3:a:monospace:directus:9.20.4
Monospace » Directus » Version: 9.21.0

cpe:2.3:a:monospace:directus:9.21.0
Monospace » Directus » Version: 9.21.1

cpe:2.3:a:monospace:directus:9.21.1
Monospace » Directus » Version: 9.21.2

cpe:2.3:a:monospace:directus:9.21.2
Monospace » Directus » Version: 9.22.0

cpe:2.3:a:monospace:directus:9.22.0
Monospace » Directus » Version: 9.22.1

cpe:2.3:a:monospace:directus:9.22.1
Monospace » Directus » Version: 9.22.2

cpe:2.3:a:monospace:directus:9.22.2
Monospace » Directus » Version: 9.22.3

cpe:2.3:a:monospace:directus:9.22.3
Monospace » Directus » Version: 9.22.4

cpe:2.3:a:monospace:directus:9.22.4
Monospace » Directus » Version: 9.23.0

cpe:2.3:a:monospace:directus:9.23.0
Monospace » Directus » Version: 9.23.1

cpe:2.3:a:monospace:directus:9.23.1
Monospace » Directus » Version: 9.23.2

cpe:2.3:a:monospace:directus:9.23.2
Monospace » Directus » Version: 9.23.3

cpe:2.3:a:monospace:directus:9.23.3
Monospace » Directus » Version: 9.23.4

cpe:2.3:a:monospace:directus:9.23.4
Monospace » Directus » Version: 9.24.0

cpe:2.3:a:monospace:directus:9.24.0
Monospace » Directus » Version: 9.25.0

cpe:2.3:a:monospace:directus:9.25.0
Monospace » Directus » Version: 9.25.1

cpe:2.3:a:monospace:directus:9.25.1
Monospace » Directus » Version: 9.25.2

cpe:2.3:a:monospace:directus:9.25.2
Monospace » Directus » Version: 9.26.0

cpe:2.3:a:monospace:directus:9.26.0
Monospace » Directus » Version: 9.3.0

cpe:2.3:a:monospace:directus:9.3.0
Monospace » Directus » Version: 9.4.0

cpe:2.3:a:monospace:directus:9.4.0
Monospace » Directus » Version: 9.4.1

cpe:2.3:a:monospace:directus:9.4.1
Monospace » Directus » Version: 9.4.2

cpe:2.3:a:monospace:directus:9.4.2
Monospace » Directus » Version: 9.4.3

cpe:2.3:a:monospace:directus:9.4.3
Monospace » Directus » Version: 9.5.0

cpe:2.3:a:monospace:directus:9.5.0
Monospace » Directus » Version: 9.5.1

cpe:2.3:a:monospace:directus:9.5.1
Monospace » Directus » Version: 9.5.2

cpe:2.3:a:monospace:directus:9.5.2
Monospace » Directus » Version: 9.6.0

cpe:2.3:a:monospace:directus:9.6.0
Monospace » Directus » Version: 9.7.0

cpe:2.3:a:monospace:directus:9.7.0
Monospace » Directus » Version: 9.7.1

cpe:2.3:a:monospace:directus:9.7.1
Monospace » Directus » Version: 9.8.0

cpe:2.3:a:monospace:directus:9.8.0
Monospace » Directus » Version: 9.9.0

cpe:2.3:a:monospace:directus:9.9.0
Monospace » Directus » Version: 9.9.1

cpe:2.3:a:monospace:directus:9.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-45596

Products

Pricing

Contact Us