CVE-2021-45890
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-45890
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-45890.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-45890
- Published
- 2021-12-27T20:15:07Z
- Modified
- 2025-10-15T13:29:38.162472Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
basic/BasicAuthProvider.java in AuthGuard before 0.9.0 allows authentication via an inactive identifier.
- References
Affected packages
Git / github.com/authguard/authguard
Affected ranges
- Type
- GIT
- Repo
- https://github.com/authguard/authguard
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-3716e3c1",
"target": {
"file": "basic-auth/src/test/java/com/nexblocks/authguard/basic/BasicAuthProviderTest.java"
},
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"167451568374590941642638019719435585980",
"244461828869912855486190070844818968020",
"110533295592723580884075625693817486629",
"6727291960660647492694646324850011975",
"195524628311366956063717402381845051477",
"70824970217294445646298249717423644273",
"239757304757888333073196595667093680713"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-37777aba",
"target": {
"function": "verifyCredentialsAndGetAccount",
"file": "basic-auth/src/main/java/com/nexblocks/authguard/basic/BasicAuthProvider.java"
},
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "156748055427572707027455893573753558502",
"length": 607.0
},
"deprecated": false
},
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-7f9b402a",
"target": {
"function": "verifyCredentialsAndGetAccount",
"file": "basic-auth/src/main/java/com/nexblocks/authguard/basic/BasicAuthProvider.java"
},
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "31423526453879081218906602053074544697",
"length": 326.0
},
"deprecated": false
},
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-8f69176a",
"target": {
"file": "service-api/src/main/java/com/nexblocks/authguard/service/exceptions/codes/ErrorCode.java"
},
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"30339207016731526823475821203145998952",
"237493918917445117086843407447476730824",
"195696297985794415947037894285166722498",
"59030671861724921690586633073770806895"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-c185195a",
"target": {
"function": "authenticate",
"file": "basic-auth/src/test/java/com/nexblocks/authguard/basic/BasicAuthProviderTest.java"
},
"signature_type": "Function",
"signature_version": "v1",
"digest": {
"function_hash": "313821238547583351448578767452514814025",
"length": 1023.0
},
"deprecated": false
},
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-e0fddcc2",
"target": {
"file": "service-api/src/main/java/com/nexblocks/authguard/service/model/UserIdentifier.java"
},
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"201559486459685630455182539774519015215",
"305309987987366996116947124261328106850",
"25689703975335259379157252414779480968",
"46124762262897755457166005675124312426"
],
"threshold": 0.9
},
"deprecated": false
},
{
"source": "https://github.com/authguard/authguard/commit/9783b1143da6576028de23e15a1f198b1f937b82",
"id": "CVE-2021-45890-e992fe6f",
"target": {
"file": "basic-auth/src/main/java/com/nexblocks/authguard/basic/BasicAuthProvider.java"
},
"signature_type": "Line",
"signature_version": "v1",
"digest": {
"line_hashes": [
"22214750003900349557462986305969541362",
"126448820680283142044260122981539736148",
"92373096140101911942297410542047478189",
"61481259893629621771726770020027193290",
"174772473666014353802964198251701151796",
"179700644048307070213302642732886322410",
"217235780360665246504306858829811732265",
"323853222717439550910662091304485431350",
"296652433523478802321946300034504237957",
"146000067014268965655070353432237092140",
"234040505066537207772850258631597931717",
"332694152203992319604560548049949212272",
"136872266342728900586140003671738504004",
"325681963130043785140076653370785752449",
"108015144445120882093882979612440175278",
"218403671869182823479685485069552104671",
"311723854284278882750727088753999027533",
"325039254501209277499457548022885147493"
],
"threshold": 0.9
},
"deprecated": false
}
]