CVE-2024-47822

Public Exploit
Directus inserts access token from query string into logs

Description

Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. The access token in `req.query` is not redacted when the `LOG_STYLE` is set to `raw`. If these logs are not properly sanitized or protected, an attacker with access to it can potentially gain administrative control, leading to unauthorized data access and manipulation. This impacts systems where the `LOG_STYLE` is set to `raw`. The `access_token` in the query could potentially be a long-lived static token. Users with impacted systems should rotate their static tokens if they were provided using query string. This vulnerability has been patched in release version 10.13.2 and subsequent releases as well. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Category

4.2
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Vendor Advisory github.com
Affected: directus directus
Published at:
Updated at:

References

Link Tags
https://github.com/directus/directus/security/advisories/GHSA-vw58-ph65-6rxp vendor advisory exploit
https://github.com/directus/directus/commit/2e893f9c576d5a02506272fe2c0bcc12e6c58768

Frequently Asked Questions

What is the severity of CVE-2024-47822?
CVE-2024-47822 has been scored as a medium severity vulnerability.
How to fix CVE-2024-47822?
To fix CVE-2024-47822, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-47822 being actively exploited in the wild?
It is possible that CVE-2024-47822 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-47822?
CVE-2024-47822 affects directus directus.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.