Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-50708

MEDIUM
Published 2023-12-22T18:25:01.925Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-50708. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
6.1
/10
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.002
probability
of exploitation in the wild

There is a 0.2% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.379
Higher than 37.9% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED

Impact Metrics

Confidentiality
NONE
Integrity
HIGH
Availability
NONE

Description

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 `state` and OpenID Connect `nonce` is vulnerable for a `timing attack` since it is compared via regular string comparison (instead of `Yii::$app->getSecurity()->compareString()`). Version 2.2.15 contains a patch for the issue. No known workarounds are available.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

yiisoft

yii2-authclient

Affected Versions:

< 2.2.15

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed LOW

yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation

GHSA-w8vh-p74j-x9xp

Advisory Details

### Impact _What kind of vulnerability is it? Who is impacted?_ Original Report: > The Oauth1/2 "state" and OpenID Connect "nonce" is vulnerable for a "timing attack" since it's compared via regular string > comparison (instead of `Yii::$app->getSecurity()->compareString()`). Affected Code: 1. OAuth 1 "state" https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158 3. OAuth 2 "state" https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121 4. OpenID Connect "nonce" https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420 ### Patches _Has the problem been patched? What versions should users upgrade to?_ TBD: Replace strcmp with `Yii::$app->getSecurity()->compareString()`). ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ not as far as I see. ### References _Are there any links users can visit to find out more?_

Affected Packages

Packagist yiisoft/yii2-authclient
ECOSYSTEM: ≥0 <2.2.15

CVSS Scoring

CVSS Score

2.5

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:N

References

WEB https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-w8vh-p74j-x9xp
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-50708
WEB https://github.com/yiisoft/yii2-authclient/commit/dabddf2154ab7e7703740205a069202554089248
PACKAGE https://github.com/yiisoft/yii2-authclient
WEB https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158
WEB https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121
WEB https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420

Advisory provided by GitHub Security Advisory Database. Published: December 18, 2023, Modified: December 22, 2023

References

https://github.com/yiisoft/yii2-authclient/security/advisories/GHSA-w8vh-p74j-x9xp
https://github.com/yiisoft/yii2-authclient/commit/dabddf2154ab7e7703740205a069202554089248
https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth1.php#L158
https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OAuth2.php#L121
https://github.com/yiisoft/yii2-authclient/blob/0d1c3880f4d79e20aa1d77c012650b54e69695ff/src/OpenIdConnect.php#L420
Published: 2023-12-22T18:25:01.925Z
Last Modified: 2024-08-02T22:16:47.124Z
Copied to clipboard!