
35 matches found

Cvelist
added 2018/06/04 7:0 p.m., 17 views

CVE-2017-16007

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key...

AI score: 5.6, EPSS: 0.00928
Exploits: 1, References: 4

CVE
added 2018/06/04 7:0 p.m., 60 views

CVE-2017-16007

CVE-2017-16007 affects the node-jose library prior to 0.9.3, where JWE with ECDH-ES can permit an invalid-curve attack and allow recovery of the private key. The vulnerability is described across NVD, OSV, GHSA, and IBM advisories, which also recommend upgrading to 0.9.3 or later as the remediati...

CVSS: 5.9, AI score: 5.8, EPSS: 0.00928
Exploits: 1, References: 4, Affected Software: 1

Packet Storm
added 2018/03/22 12:0 a.m., 35 views

Cisco node-jose Resign Tokens Proof Of Concept

import base64 import urllib import rsa import sys zi0Black ''' POC of CVE-2018-0114 Cisco node-jose 0.11.0 Created by Andrea Cappa aka @zi0Black GitHub,Twitter,Telegram Mail: [email protected] Site: https://zioblack.xyz A special thanks to Louis Nyffenegger, the founder of PentesterLab, for al...

CVSS: 5, AI score: 7.5, EPSS: 0.42651
Exploits: 6

Exploit DB
added 2018/03/20 12:0 a.m., 57 views

Cisco node-jose < 0.11.0 - Re-sign Tokens

!/usr/bin/env python3 import base64 from urllib.parse import quoteplus import rsa import sys zi0Black ''' EDB Note: This has been updated https://github.com/offensive-security/exploitdb/pull/139 POC of CVE-2018-0114 Cisco node-jose = 8 return b::-1 def generateheaderpayloadpayload,pubkey: create...

CVSS: 7.5, AI score: 7.5, EPSS: 0.42651
Exploits: 6

Veracode
added 2018/01/05 5:31 a.m., 14 views

Unauthorized Token Resigning

node-jose is vulnerable to unauthorized token resigning. The application allows a malicious user to forge a valid JSON Web Signature Object by removing the original Signature, adding a new public key to the header and resigning the object with their own key...

CVSS: 7.5, AI score: 7.3, EPSS: 0.42651
Exploits: 6, References: 6, Affected Software: 1

ATTACKERKB
added 2018/01/04 6:29 a.m., 4 views

CVE-2018-0114

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs)...

CVSS: 7.5, AI score: 5.8, EPSS: 0.42651
Exploits: 6, References: 6

Prion
added 2018/01/04 6:29 a.m., 17 views

Code injection

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs)...

CVSS: 5, AI score: 7.4, EPSS: 0.42651
Exploits: 6, References: 5, Affected Software: 1

OSV
added 2018/01/04 6:29 a.m., 16 views

CVE-2018-0114

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs)...

CVSS: 7.5, AI score: 7.8, EPSS: 0.42651
Exploits: 6, References: 5

NVD
added 2018/01/04 6:29 a.m., 21 views

CVE-2018-0114

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs)...

CVSS: 7.5, AI score: 7.5, EPSS: 0.42651
Exploits: 6, References: 5

Vulnrichment
added 2018/01/04 6:0 a.m., 8 views

CVE-2018-0114

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs)...

AI score: 6.8, EPSS: 0.42651
Exploits: 6, References: 5

CVE
added 2018/01/04 6:0 a.m., 128 views

CVE-2018-0114

CVE-2018-0114 affects the Cisco node-jose library prior to 0.11.0. The flaw arises when a JSON Web Signature (JWS) header can carry a JWK (public key) that is then trusted for verification. An unauthenticated, remote attacker could forge valid JWS objects by removing the original signature, inser...

CVSS: 7.5, AI score: 7.4, EPSS: 0.42651
Exploits: 6, References: 5, Affected Software: 1

Cvelist
added 2018/01/04 6:0 a.m., 28 views

CVE-2018-0114

A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs)...

AI score: 7.5, EPSS: 0.42651
Exploits: 6, References: 5

CNVD
added 2017/12/25 12:0 a.m., 2 views

Cisco node-jose open source library security bypass vulnerability

Cisco node-jose is an open source library from Cisco (United States) for JSON object signing and encryption in web browsers and node.js servers. A security bypass vulnerability exists in the Cisco node-jose open source library that stems from node-jose's use of t...

CVSS: 7.5, AI score: 6.9, EPSS: 0.42651
Exploits: 6, References: 1

Veracode
added 2017/03/14 12:10 a.m., 31 views

Invalid Curve Attack

node-jose, nimbus-jose-jwt and jose4j are vulnerable to invalid curve attacks. These attacks are possible when using key agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES), allowing attackers to recover the private secret key...

CVSS: 5.9, AI score: 5.7, EPSS: 0.00928
Exploits: 1, References: 6, Affected Software: 3

Node.js
added 2017/03/13 7:16 p.m., 59 views

Invalid Curve Attack

Overview: Affected versions of node-jose are vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used. Proof of Concept. Recommendation: Update to version 0.9.3 or...

CVSS: 4.3, AI score: 4.4, EPSS: 0.00928
Exploits: 1, Affected Software: 1