[JAVA]: CWE-347 - Improper Verification of Cryptographic Signature : Potential for Auth Bypass #372
Description
Query
Relevant PR: github/codeql#5597
CVEs Found using this query:
- CVE-2021-29455:
GHSA-f65w-6xw8-6734 - CVE-2021-29451:
GHSA-6g3c-2mh5-7q6x - CVE-2021-32631:
CVE assigned, fix is being worked on, but fix is not yet published. - CVE-2021-29500:
GHSA-hj36-84cp-29pr
Other CVE ID(s) and information
https://i.blackhat.com/USA-19/Thursday/us-19-Jaiswal-Preventing-Authentication-Bypass-A-Tale-Of-Two-Researchers.pdf
https://www.zofrex.com/blog/2020/10/20/alg-none-jwt-nhs-contact-tracing-app/
GHSA-5m5q-3qw2-3xf3
Report
A JWT consists of three parts: header, payload, and signature.
The io.jsonwebtoken.jjwt library is one of many libraries used for working with JWTs.
It offers different methods for parsing tokens like parse, parseClaimsJws, and parsePlaintextJws.
The last two correctly verify that the JWT is properly signed.
This is done by computing the signature of the combination of header and payload and
comparing the locally computed signature with the signature part of the JWT.
Therefore it is necessary to provide the JwtParser with a key that is used for signature validation.
Unfortunately the parse method accepts a JWT whose signature is empty although a signing key has been set for the parser.
This means that an attacker can create arbitrary JWTs that will be accepted.
This is a high impact query as being able to forge token often leads to an auth bypass.
See also the links at the top.
- Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing