Authentication Bypass

Affecting jsjws package, versions <2.0.0


Overview

jsjws is a pure JavaScript implementation of JSON Web Signature (JWS). JSON Web Tokens (JWT) are an open, industry-standard method for representing claims securely between two parties.

Affected versions of this module treated tokens signed with the `none` algorithm as valid tokens with a verified signature. Because such a token carries no signature at all, an attacker could present arbitrary claims and gain arbitrary account access.

Remediation

Upgrade jsjws to version 2.0.0 or higher.

CVSS Score

8.7 (high severity)
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: High
  • Integrity: High
  • Availability: None
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Credit: Tim McLean
CWE: CWE-592
Snyk ID: npm:jsjws:20150531
Disclosed: 31 Mar, 2016
Published: 20 Oct, 2016