Describe the bug
Impact: Exposure of Sensitive Information, Manipulation of Data, Denial of Service (DoS)
1) For the jsonwebtoken library, if a malicious actor has the ability to modify the key retrieval parameter (the secretOrPublicKey argument referenced in the readme link) of the jwt.verify() function, they can gain remote code execution. [CVE-2022-23529]
2) The jsonwebtoken library could be misconfigured so that legacy, insecure key types are used for signature verification. [CVE-2022-23539]
3) For the jsonwebtoken library, the lack of an algorithm definition in the jwt.verify() function can lead to signature validation bypass, because verification defaults to the none algorithm. [CVE-2022-23540]
4) The jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function (the secretOrPublicKey argument referenced in the readme link) results in incorrect verification of tokens. A different algorithm and key combination may be used in verification than the one used to sign the tokens. Specifically, tokens signed with an asymmetric public key could be verified with the symmetric HS256 algorithm. This can lead to successful validation of forged tokens. [CVE-2022-23541]
To Reproduce
Steps to reproduce the behavior:
NA
Expected behavior
NA
Screenshots
NA
Desktop (please complete the following information):
OS: [e.g. iOS]
Browser [e.g. chrome, safari]
Version [e.g. 22]
Smartphone (please complete the following information):
Device: [e.g. iPhone6]
OS: [e.g. iOS8.1]
Browser [e.g. stock browser, safari]
Version [e.g. 22]
MindSphere Plan
start for free
iot value plan
developer plan
operator plan
Additional context
Add any other context about the problem here.