A malicious actor could rotate a victim's tokens, given that they know the victim's token ID
High
Cloudflare Public Bug Bounty
Team Summary
Official summary from Cloudflare Public Bug Bounty
Due to a lack of proper authorization checks, a malicious actor was able to rotate the API token of a different user using the Roll Token API method, leading to DoS for the token owner and the applications that use it. Exploitation of this vulnerability required prior knowledge of the victim's token ID (in UUID format). The fix was released by Cloudflare Engineering, enforcing proper access controls for this endpoint.
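The class of bug described in the summary is a missing ownership check on an object looked up by a non-secret identifier. The following is an added illustrative example, not Cloudflare's code: an in-memory token store with a vulnerable roll handler (lookup by token UUID alone) next to a hardened one that scopes the lookup to the authenticated caller's own tokens. The store, the handler names and the account identifiers are constructed for this example.

```python
"""Added example modelling the Roll Token authorization gap.
Illustrative only; not Cloudflare's implementation. All names here
(TokenStore, roll_token_vulnerable, roll_token_fixed, account IDs) are
assumptions made for the example."""
import secrets
import uuid
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Raised when the caller may not act on the requested token."""


@dataclass
class ApiToken:
    token_id: str   # public identifier (UUID); knowing it is not a secret
    owner_id: str   # account that created the token
    secret: str     # bearer value used by applications; replaced on roll


@dataclass
class TokenStore:
    tokens: dict = field(default_factory=dict)

    def create(self, owner_id: str) -> ApiToken:
        tok = ApiToken(str(uuid.uuid4()), owner_id, secrets.token_urlsafe(32))
        self.tokens[tok.token_id] = tok
        return tok

    # Vulnerable handler: the caller is authenticated (actor_id is known)
    # but never compared against the token's owner, so any account that
    # learns a victim's token UUID can invalidate the victim's secret.
    def roll_token_vulnerable(self, actor_id: str, token_id: str) -> str:
        tok = self.tokens[token_id]
        tok.secret = secrets.token_urlsafe(32)
        return tok.secret

    # Fixed handler: the lookup is scoped to the caller's own tokens.
    # "Does not exist" and "exists but belongs to someone else" produce
    # the same error so the endpoint cannot be used to confirm valid IDs.
    def roll_token_fixed(self, actor_id: str, token_id: str) -> str:
        tok = self.tokens.get(token_id)
        if tok is None or tok.owner_id != actor_id:
            raise Forbidden("token not found")
        tok.secret = secrets.token_urlsafe(32)
        return tok.secret


def roll_allowed(store: TokenStore, actor_id: str, token_id: str) -> bool:
    """True if the fixed handler lets actor_id roll token_id."""
    try:
        store.roll_token_fixed(actor_id, token_id)
        return True
    except Forbidden:
        return False


def demo() -> dict:
    """Replay the report: the attacker knows only the victim's token UUID."""
    store = TokenStore()
    victim = store.create("victim-account")   # constructed sample accounts
    store.create("attacker-account")
    before = victim.secret

    # Vulnerable path: the attacker's request silently replaces the
    # victim's secret, breaking every application that still uses it.
    store.roll_token_vulnerable("attacker-account", victim.token_id)
    rolled_by_attacker = victim.secret != before

    # Fixed path: the same request is rejected and the secret is untouched.
    current = victim.secret
    blocked = not roll_allowed(store, "attacker-account", victim.token_id)
    untouched = victim.secret == current

    # The owner can still roll their own token.
    owner_ok = store.roll_token_fixed("victim-account", victim.token_id) != current
    return {
        "rolled_by_attacker": rolled_by_attacker,
        "blocked": blocked,
        "untouched": untouched,
        "owner_ok": owner_ok,
    }


if __name__ == "__main__":
    print(demo())
```

The fix does the ownership check inside the lookup rather than after it, and collapses "not yours" and "not found" into one response; returning a distinct 403 for foreign tokens would otherwise turn the endpoint into an oracle for guessing which UUIDs are live.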
Reported by
esx
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Weakness
Improper Access Control - Generic