PT-2018-9428 · Inversoft · Prime-Jwt
Rcadob
·
Published
2018-06-26
·
Updated
2018-08-30
·
CVE-2018-1000531
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
inversoft prime-jwt versions prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba
Description
The issue concerns an incorrect signature validation of a JWT token. An attacker can exploit this by crafting a JWT token with a valid header using 'none' as the algorithm and a body, then requesting it to be validated. This occurs due to a flaw in the
JWTDecoder.decode function.Recommendations
For inversoft prime-jwt versions prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba, update to a version that includes the fix after commit abb0d479389a2509f939452a6767dc424bb5e6ba to resolve the issue. As a temporary workaround, consider validating JWT tokens with additional checks to ensure the algorithm is not set to 'none' before passing them to the
JWTDecoder.decode function.Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Prime-Jwt