
JWT Audience Cross Service Relay Attack

Severity: High
CVEs:
Classifications:
OWASP Category: OWASP API2:2023 Broken Authentication

The vulnerability arises when several services sign JSON Web Tokens (JWTs) with the same key and a receiving service verifies only the signature, not the issuer (`iss`, the source of the token) or the audience (`aud`, the intended recipient). A token that was legitimately issued for one service then carries a signature every other service sharing the key will also accept, so an attacker could present a JWT bearing that shared signature to a different service and manipulate, or simply ignore, the issuer and audience fields. Without proper verification of both claims, the receiving service accepts a token that was never meant for it, potentially granting unauthorized access or compromising the system's security.
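The following is an added illustration, not code from this page or from the project it documents. It uses only the Python standard library to mint an HS256 JWT for one hypothetical service (`billing-api`) and then presents it to a second hypothetical service (`orders-api`) that shares the signing key. The issuer URL, audience names, secret and subject are all constructed values. The vulnerable verifier checks only the signature and accepts the relayed token; the hardened verifier additionally pins `iss`, `aud` and `exp` to the receiving service and rejects it.

```python
"""Added example: a JWT minted for one service is accepted by a second service
that shares the signing key but skips issuer/audience checks. Stdlib only."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed values: one HS256 key shared by two hypothetical services.
SHARED_SECRET = b"constructed-shared-signing-key-do-not-reuse"
ISSUER = "https://auth.example.test"   # hypothetical token issuer
BILLING_AUD = "billing-api"            # service the token is minted for
ORDERS_AUD = "orders-api"              # service that must reject it


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_jwt(claims: dict, secret: bytes) -> str:
    """Build a compact HS256 JWT (header.payload.signature)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode()) for part in (header, claims)
    )
    sig = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def _signed_claims(token: str, secret: bytes) -> Optional[dict]:
    """Return the claims if the HS256 signature is valid, otherwise None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if header.get("alg") != "HS256":  # never let the token pick the algorithm
            return None
        expected = hmac.new(
            secret, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256
        ).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        return json.loads(_b64url_decode(payload_b64))
    except (ValueError, UnicodeDecodeError):
        return None


def verify_signature_only(token: str, secret: bytes) -> Optional[dict]:
    """Vulnerable pattern: signature checked, but not who issued the token or whom it is for."""
    return _signed_claims(token, secret)


def verify_jwt(token: str, secret: bytes, expected_iss: str, expected_aud: str,
               now: Optional[float] = None) -> Optional[dict]:
    """Hardened pattern: signature, then issuer, audience and expiry must match this service."""
    claims = _signed_claims(token, secret)
    if claims is None or claims.get("iss") != expected_iss:
        return None
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # RFC 7519: string or array
    if expected_aud not in audiences:
        return None
    exp = claims.get("exp")
    current = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or current >= exp:
        return None
    return claims


def relay_demo() -> dict:
    """Mint a token for billing-api and present it to orders-api under both verifiers."""
    now = time.time()
    token = mint_jwt(
        {"iss": ISSUER, "aud": BILLING_AUD, "sub": "user-42", "exp": int(now) + 3600},
        SHARED_SECRET,
    )
    return {
        "orders_accepts_without_aud_check": verify_signature_only(token, SHARED_SECRET) is not None,
        "orders_accepts_with_aud_check": verify_jwt(token, SHARED_SECRET, ISSUER, ORDERS_AUD, now) is not None,
        "billing_accepts_with_aud_check": verify_jwt(token, SHARED_SECRET, ISSUER, BILLING_AUD, now) is not None,
    }


if __name__ == "__main__":
    print(json.dumps(relay_demo(), indent=2))
```

The key design point is that `verify_jwt` takes the expected issuer and audience as parameters of the receiving service rather than reading them from the token: a token can only be trusted for the audience it names, and sharing one key between services makes that check, not the signature, the boundary between them.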

Example

TODO: write an example

How to test?

TODO: VulnAPI Command

What is the impact?

TODO: write the impact

Services impacted

TODO: list all the services used to create a token but using the same keys

How to remediate?

TODO: write the remediation