CVE-2018-0114
CVE-2018-0114
A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs). This standard specifies that a JSON Web Key (JWK) representing a public key can be embedded within the header of a JWS. This public key is then trusted for verification. An attacker could exploit this by forging valid JWS objects by removing the original signature, adding a new public key to the header, and then signing the object using the (attacker-owned) private key associated with the public key embedded in that JWS header.
Produtos afetados
n/a · Node-jose LibraryPoCs públicas encontradas — 16
githubgithub.com/z-bool/Venom-JWT★ 289githubgithub.com/zi0Black/POC-CVE-2018-0114★ 26githubgithub.com/j4k0m/CVE-2018-0114★ 4githubgithub.com/scumdestroy/CVE-2018-0114★ 3githubgithub.com/Eremiel/CVE-2018-0114★ 2githubgithub.com/fevra-dev/ClaimJumper★ 1githubgithub.com/adityathebe/POC-CVE-2018-0114★ 1githubgithub.com/sealldeveloper/CVE-2018-0114-PoC★ 0githubgithub.com/Logeirs/CVE-2018-0114★ 0githubgithub.com/Starry-lord/CVE-2018-0114★ 0githubgithub.com/mmeza-developer/CVE-2018-0114★ 0githubgithub.com/n0m-d/CVE-2018-0114-Go★ 0githubgithub.com/Pandora-research/CVE-2018-0114-Exploit★ 0githubgithub.com/amr9k8/jwt-spoof-tool★ 0exploitdbwww.exploit-db.com/exploits/44324não verificadocve_referencewww.exploit-db.com/exploits/44324/não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →