CVE-2022-23541

Published: Dec 22, 2022 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2022-7650 Aliases: GHSA-hjrf-2m68-5959
MEDIUM 5.0
Attack Vector: network
Attack Complexity: high
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: low

Description


jsonwebtoken is an implementation of JSON Web Tokens. Versions `<= 8.5.1` of the `jsonwebtoken` library can be misconfigured so that passing a poorly implemented key retrieval function (the `secretOrPublicKey` argument described in the readme) results in incorrect verification of tokens. A different algorithm and key combination can be used in verification than the one that was used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with the symmetric HS256 algorithm, which can lead to successful validation of forged tokens. This affects applications that support both symmetric and asymmetric keys in their `jwt.verify()` implementation with the same key retrieval function. This issue has been patched; please update to version 9.0.0.

EPSS (Exploit Prediction Scoring System)

Predicts the probability of exploitation based on threat intelligence and the characteristics of the vulnerability.

EPSS Score: 0.0006
Percentile: 0.2th

CWE-287: Improper Authentication (status: Draft)
Security Scopes Affected: Integrity, Confidentiality, Availability, Access Control
Potential Impacts: Read Application Data; Gain Privileges or Assume Identity; Execute Unauthorized Code or Commands
Applicable Platforms (Technologies): ICS/OT, Not Technology-Specific, Web Based

CWE-1259: Improper Restriction of Security Token Assignment (status: Incomplete)
Security Scopes Affected: Confidentiality, Integrity, Availability, Access Control
Potential Impacts: Modify Files or Directories; Execute Unauthorized Code or Commands; Bypass Protection Mechanism; Gain Privileges or Assume Identity; Modify Memory; DoS: Crash, Exit, or Restart
Applicable Platforms (Technologies): Not Technology-Specific, Processor Hardware, System on Chip

Application

Jsonwebtoken by Auth0

Version Range Affected: up to 8.5.1 (inclusive)
CPE: cpe:2.3:a:auth0:jsonwebtoken:*:*:*:*:*:node.js:*:*

References

https://github.com/auth0/node-jsonwebtoken/commit/e1fa9dcc12054a8681db4e6373da1…
https://github.com/auth0/node-jsonwebtoken/releases/tag/v9.0.0
https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-hjrf-2m68-5…
https://security.netapp.com/advisory/ntap-20240621-0007/