Authentik
CVE-2022-46172
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Lifecycle Timeline
1DescriptionNVD
authentik is an open-source Identity provider focused on flexibility and versatility. In versions prior to 2022.10.4, and 2022.11.4, any authenticated user can create an arbitrary number of accounts through the default flows. This would circumvent any policy in a situation where it is undesirable for users to create new accounts by themselves. This may also affect other applications as these new basic accounts would exist throughout the SSO infrastructure. By default the newly created accounts cannot be logged into as no password reset exists by default. However password resets are likely to be enabled by most installations. This vulnerability pertains to the user context used in the default-user-settings-flow, /api/v3/flows/instances/default-user-settings-flow/execute/. This issue has been fixed in versions 2022.10.4 and 2022.11.4.
AnalysisAI
authentik is an open-source Identity provider focused on flexibility and versatility. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. authentik is an open-source Identity provider focused on flexibility and versatility. In versions prior to 2022.10.4, and 2022.11.4, any authenticated user can create an arbitrary number of accounts through the default flows. This would circumvent any policy in a situation where it is undesirable for users to create new accounts by themselves. This may also affect other applications as these new basic accounts would exist throughout the SSO infrastructure. By default the newly created accounts cannot be logged into as no password reset exists by default. However password resets are likely to be enabled by most installations. This vulnerability pertains to the user context used in the default-user-settings-flow, /api/v3/flows/instances/default-user-settings-flow/execute/. This issue has been fixed in versions 2022.10.4 and 2022.11.4. Affected products include: Goauthentik Authentik. Version information: prior to 2022.10.4.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.
authentik is an open-source identity provider. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploi
authentik is an open-source Identity Provider focused on flexibility and versatility. Rated high severity (CVSS 8.8), th
Authentication bypass in authentik identity provider (versions prior to 2025.12.6, 2026.2.4, and 2026.5.1) allows remote
authentik is an open-source Identity Provider. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploi
authentik is an open-source Identity Provider. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploi
authentik is an open-source identity provider. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploi
authentik is an open-source identity provider. After authorizing access to a RAC endpoint, authentik creates a token whi
Cross-site scripting in authentik identity provider versions prior to 2025.12.5 and 2026.2.3 allows remote attackers to
Code injection in authentik identity provider from 2021.3.1 through multiple versions. Users with delegated permissions
authentik is an open-source identity provider. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploi
Authentication bypass in authentik identity provider versions prior to 2025.12.6, 2026.2.4, and 2026.5.1 allows a low-pr
authentik is an open-source identity provider. [CVSS 8.8 HIGH]
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today