Buildbot OAuth Authentication Vulnerability
Today's exploit of the day is a vulnerability affecting the popular continuous integration tool Buildbot.
CVE: CVE-2019-12300
Links:
https://buildbot.net/
https://www.python.org/dev/buildbot/
https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication
https://github.com/buildbot/buildbot/commit/8dd63f494af50ce58b0a8d79ad7eff2b25ca3460
The vulnerability was found and reported by Phillip Kuhrt and affects the OAuth authentication feature of Buildbot.
Buildbot is used by several larger software projects and organizations, such as:
Monero
utah.edu
wxPython
ReactOS
LLVM
OpenSlide
OpenWrt
The vulnerability allows a third party to authenticate to a Buildbot instance as a legitimate user.
The vulnerability is officially described as follows:
If an attacker has an application authorized to access data
of another user at the same Identity Provider as the one used by
the Buildbot instance, then he can acquire a token to access
the data of that user, supply the token to the Buildbot instance
and successfully log in as the victim.
If you use OAuth in any of your applications, we recommend that you verify the implementation: the application must obtain the access token itself, through the authorization code flow and with its own client credentials, and must never accept an access token submitted by the client as proof of identity. A token that the identity provider issued to some other OAuth application for the same user looks just as valid at the userinfo endpoint, which is exactly what this vulnerability exploits.
Buildbot's fix, which stops using a submitted token for authentication, was implemented in commit 8dd63f494af50ce58b0a8d79ad7eff2b25ca3460.
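The following is an added example, not Buildbot's code or the content of the commit above. It models the attack in the description and the kind of fix it calls for with a simulated in-memory identity provider: the attacker's own OAuth application obtains a token for the victim, the pre-fix style login handler trusts a token posted by the browser and logs the attacker in as the victim, and the hardened handler only accepts an authorization code, which it redeems itself with its own client credentials, so a code or token issued to a different client is rejected. All names (FakeIdP, vulnerable_login, hardened_login, the client ids and secrets) are invented for illustration, and the sample users and clients are constructed data.

```python
"""Simulated OAuth2 identity provider plus a vulnerable and a hardened login handler.

Added example, not Buildbot's own code. All names here are invented.
"""
import secrets


class FakeIdP:
    """Minimal in-memory identity provider: codes and tokens are bound to a client."""

    def __init__(self):
        self.clients = {}  # client_id -> client_secret
        self.codes = {}    # authorization code -> (client_id, user)
        self.tokens = {}   # access token -> (client_id, user)

    def register_client(self, client_id, client_secret):
        self.clients[client_id] = client_secret

    def authorize(self, client_id, user):
        """The user consents to `client_id`; the IdP hands back an authorization code."""
        code = secrets.token_hex(8)
        self.codes[code] = (client_id, user)
        return code

    def exchange_code(self, client_id, client_secret, code):
        """Token endpoint: only the client the code was issued to may redeem it."""
        if self.clients.get(client_id) != client_secret:
            raise PermissionError("invalid client credentials")
        issued_to, user = self.codes.pop(code, (None, None))
        if issued_to != client_id:
            raise PermissionError("code was not issued to this client")
        token = secrets.token_hex(16)
        self.tokens[token] = (client_id, user)
        return token

    def userinfo(self, token):
        """Userinfo endpoint: says who the token is FOR, not which app obtained it."""
        return self.tokens[token][1]


def hardened_login(idp, request, client_id, client_secret):
    """Fixed behaviour: the app only accepts a code and redeems it itself."""
    code = request.get("code")
    if not code:
        raise PermissionError("authorization code required")
    token = idp.exchange_code(client_id, client_secret, code)
    return idp.userinfo(token)


def vulnerable_login(idp, request, client_id, client_secret):
    """Pre-fix style behaviour: a token posted by the browser is trusted as-is."""
    token = request.get("token")
    if token:
        # Any valid token for this IdP is accepted, whichever app it was issued to.
        return idp.userinfo(token)
    return hardened_login(idp, request, client_id, client_secret)


def run_scenario():
    """Play the attack against both handlers and report who gets logged in."""
    idp = FakeIdP()
    idp.register_client("buildbot", "bb-secret")
    idp.register_client("attacker-app", "evil-secret")  # attacker's own registered app

    # The victim authorizes the attacker's app (constructed scenario).
    code = idp.authorize("attacker-app", "victim")
    victim_token = idp.exchange_code("attacker-app", "evil-secret", code)

    results = {}
    # Vulnerable handler: the attacker posts the victim's token and becomes "victim".
    results["vulnerable"] = vulnerable_login(
        idp, {"token": victim_token}, "buildbot", "bb-secret")

    # Hardened handler ignores posted tokens entirely.
    try:
        hardened_login(idp, {"token": victim_token}, "buildbot", "bb-secret")
        results["hardened_token"] = "login"
    except PermissionError:
        results["hardened_token"] = "rejected"

    # Hardened handler also refuses a code that was issued to the attacker's app.
    stolen_code = idp.authorize("attacker-app", "victim")
    try:
        hardened_login(idp, {"code": stolen_code}, "buildbot", "bb-secret")
        results["hardened_code"] = "login"
    except PermissionError:
        results["hardened_code"] = "rejected"

    # The legitimate flow, with a code issued to Buildbot's own client, still works.
    own_code = idp.authorize("buildbot", "victim")
    results["legit"] = hardened_login(idp, {"code": own_code}, "buildbot", "bb-secret")
    return results


if __name__ == "__main__":
    print(run_scenario())
```

The point of the hardened handler is not a stricter check on the token string but the removal of the client-supplied token as an input altogether: the application redeems the code at the token endpoint with its own client id and secret, so the identity provider itself enforces that the grant was made to this application and not to the attacker's.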