admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-482xx/CVE-2023-48238.json
cad-safe-bot db95377d9f Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00

101 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-48238",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-17T22:15:07.817",
"lastModified": "2023-11-29T20:53:34.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Affected versions of the json-web-token library are vulnerable to a JWT algorithm confusion attack. On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work against this library is the RS256 algorithm is in use, however it is a best practice to use that algorithm."
},
{
"lang": "es",
"value": "joaquimserafim/json-web-token es una librer\u00eda de JavaScript que se utiliza para interactuar con JSON Web Tokens (JWT), que son un medio compacto seguro para URL para representar reclamaciones que se transferir\u00e1n entre dos partes. Las versiones afectadas de la librer\u00eda json-web-token son vulnerables a un ataque de confusi\u00f3n del algoritmo JWT. En la l\u00ednea 86 del archivo 'index.js', el algoritmo que se utilizar\u00e1 para verificar la firma del token JWT se toma del token JWT, que en ese momento a\u00fan no est\u00e1 verificado y, por lo tanto, no se debe confiar en \u00e9l. Para explotar esta vulnerabilidad, un atacante necesita crear un token JWT malicioso que contenga el algoritmo HS256, firmado con la clave RSA p\u00fablica de la aplicaci\u00f3n v\u00edctima. Este ataque solo funcionar\u00e1 contra esta librer\u00eda si el algoritmo RS256 est\u00e1 en uso; sin embargo, es una buena pr\u00e1ctica utilizar ese algoritmo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:joaquimserafim:json_web_token:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "3.1.1",
"matchCriteriaId": "DEA4CF7A-3784-41E7-A801-2283EEEDBF69"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/joaquimserafim/json-web-token/security/advisories/GHSA-4xw9-cx39-r355",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink