Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/29 12:0 a.m.56 views

Control iD iDSecure Hard-coded JWT Key Authentication Bypass (CVE-2023-33371)

Binary data controlididsecurecve-2023-33371.nbin...

9.8CVSS9.7AI score0.0085EPSS
Exploits0References2
OSV
OSV
added 2023/08/03 1:15 a.m.9 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.8CVSS5.9AI score0.0085EPSS
Exploits0References2
NVD
NVD
added 2023/08/03 1:15 a.m.21 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

9.8CVSS9.6AI score0.0085EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/03 12:0 a.m.12 views

CVE-2023-33371

Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication...

7AI score0.0085EPSS
Exploits0References2
CVE
CVE
added 2023/08/03 12:0 a.m.2524 views

CVE-2023-33371

CVE-2023-33371 affects Control ID IDSecure 4.7.26.0 and earlier. The vulnerability arises from a hardcoded cryptographic key used to sign and verify JWT session tokens, enabling an attacker to forge tokens and bypass authentication. Exploitation details are not provided in these documents, but th...

9.8CVSS9.3AI score0.0085EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder