Lucene search

K
cvelistMitreCVELIST:CVE-2023-33371
HistoryAug 03, 2023 - 12:00 a.m.

CVE-2023-33371

2023-08-0300:00:00
mitre
www.cve.org
4
idsecure
cryptographic key
jwt session tokens
authentication bypass

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

56.7%

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.

AI Score

9.7

Confidence

High

EPSS

0.002

Percentile

56.7%

Related for CVELIST:CVE-2023-33371