JWT Audience Cross Service Relay Attack
Severity | High |
---|---|
CVEs | |
Classifications | |
OWASP Category | OWASP API2:2023 Broken Authentication (opens in a new tab) |
A vulnerability arises when a JSON Web Token (JWT) is signed by the same service but doesn't verify the issuer (the source of the token) and the audience (the intended recipient). This can lead to security risks, as it means an attacker could create a forged JWT with the same service signature and manipulate the issuer and audience fields. Without proper verification, the service may accept the forged token, potentially granting unauthorized access or compromising the system's security.
Example
TODO: write an example
How to test?
TODO: VulnAPI Command
What is the impact?
TODO: write the impact
Services impacted
TODO: list all the services used to create a token but using the same keys
How to remediate?
TODO: write the remediation