Vulnerability Name:

CVE-2022-29214 (CCN-227157)

Assigned:2022-05-10
Published:2022-05-10
Updated:2022-06-07
Summary:NextAuth.js (next-auth) is am open source authentication solution for Next.js applications. Prior to versions 3.29.3 and 4.3.3, an open redirect vulnerability is present when the developer is implementing an OAuth 1 provider. Versions 3.29.3 and 4.3.3 contain a patch for this issue. The maintainers recommend adding a certain configuration to one's `callbacks` option as a workaround for those unable to upgrade.
CVSS v3 Severity:6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
7.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
CVSS v2 Severity:5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-601
Vulnerability Consequences:Other
References:Source: MITRE
Type: CNA
CVE-2022-29214

Source: XF
Type: UNKNOWN
nextauth-cve202229214-open-redirect(227157)

Source: MISC
Type: Release Notes, Third Party Advisory
https://github.com/nextauthjs/next-auth/releases/tag/next-auth%40v4.3.3

Source: CCN
Type: next-auth GIT Repository
URL Redirection to Untrusted Site ('Open Redirect') in next-auth

Source: CONFIRM
Type: Third Party Advisory
https://github.com/nextauthjs/next-auth/security/advisories/GHSA-q2mx-j4x2-2h74

Source: CCN
Type: SNYK-JS-NEXTAUTH-2841457
Open Redirect

Source: CCN
Type: Mend Vulnerability Database
CVE-2022-29214

Vulnerable Configuration:Configuration 1:
  • cpe:/a:nextauth.js:next-auth:*:*:*:*:*:node.js:*:* (Version < 3.29.3)
  • OR cpe:/a:nextauth.js:next-auth:*:*:*:*:*:node.js:*:* (Version >= 4.0.0 and < 4.3.3)

    • Configuration CCN 1:
  • cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:*

    • * Denotes that component is vulnerable
    BACK
    nextauth.js next-auth *
    nextauth.js next-auth *
    nodejs node.js *