Improper Authentication

WebAuthn4J is vulnerable to Improper Authentication. The vulnerability is due to the improper persistence of an incremented signature counter value by the authenticator during authentication. This can be exploited by the attacker using cloned authenticators without being detected...

GHSA-V9HX-V6VF-G36J WebAuthn4J Spring Security Improper signature counter value handling

Improper signature counter value handling Impact A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter value during authentication, webauthn4j-spring-security-core does not properly persist the value, which means cloned authenticator...

WebAuthn4J Spring Security Improper signature counter value handling

Improper signature counter value handling Impact A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter value during authentication, webauthn4j-spring-security-core does not properly persist the value, which means cloned authenticator...

CVE-2023-45669

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter val...

Design/Logic Flaw

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter val...

CVE-2023-45669 Improper signature counter value handling in webauthn4j-spring-security

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter val...

CVE-2023-45669 Improper signature counter value handling in webauthn4j-spring-security

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter val...

CVE-2023-45669

CVE-2023-45669 affects WebAuthn4J Spring Security via the webauthn4j-spring-security-core component. The bug arises from improper persistence of an incremented signature counter returned by the authenticator, causing cloned authenticators to evade detection. Reported impact: an attacker could abu...

CVE-2023-45669 Improper signature counter value handling in webauthn4j-spring-security

WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter val...

PT-2023-29638 · Unknown · Webauthn4J Spring Security

Name of the Vulnerable Software and Affected Versions: WebAuthn4J Spring Security versions prior to 0.9.1.RELEASE Description: A flaw was found in webauthn4j-spring-security-core, where improper signature counter value handling occurs. When an authenticator returns an incremented signature counte...