pac4j-jwt JwtAuthenticator Authentication Bypass

pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT with arbitrary subject and role claims, bypassing signature verification to authenticate as any user including administrators.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

密码学签名的验证不恰当

pac4j-jwt 数据伪造问题漏洞

pac4j-jwt是pac4j开源的一个JWT认证模块。 pac4j-jwt 4.5.9之前版本、5.7.9之前版本和6.3.3之前版本存在数据伪造问题漏洞，该漏洞源于JwtAuthenticator在处理加密JWT时存在身份验证绕过问题，可能导致远程攻击者利用服务器的RSA公钥伪造身份验证令牌，从而以包括管理员在内的任何用户身份通过验证。

N/A

N/A