Published: 24/08/2017 Updated: 03/10/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string `-----BEGIN RSA PUBLIC KEY-----` which is not accounted for. This enables symmetric/asymmetric key confusion attacks against users using the PKCS1 PEM encoded public keys, which would allow an malicious user to craft JWTs from scratch.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pyjwt project pyjwt
debian debian linux 8.0
debian debian linux 9.0

Debian Bug report logs - #873244 pyjwt: CVE-2017-11424: Incorrect handling of PEM-encoded public keys Package: src:pyjwt; Maintainer for src:pyjwt is Debian Python Modules Team <python-modules-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Aug 2017 19:03:01 UTC Seve ...

PyJWT could be made to crash if it received specially crafted input ...

It was discovered that PyJWT, a Python implementation of JSON Web Token performed insufficient validation of some public key types, which could allow a remote attacker to craft JWTs from scratch For the oldstable distribution (jessie), this problem has been fixed in version 021-1+deb8u2 For the stable distribution (stretch), this problem has be ...

In PyJWT 150 and below the `invalid_strings` check in `HMACAlgorithmprepare_key` does not account for all PEM encoded public keys Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string `-----BEGIN RSA PUBLIC KEY-----` which is not accounted for This enables symmetric/asymmetric key confusion attacks ...

Deriving RSA public keys from message-signature pairs

rsa_sig2n The repository contains: Experimental code to calculate RSA public keys based on two known message-signature pairs (based on cryptostackexchangecom/questions/30289/is-it-possible-to-recover-an-rsa-modulus-from-its-signatures/30301#30301) Code to extract and generate RSA and HMAC signatures for JWTs Proof-of-Concept code to exploit the CVE-2017-11424 key con

Security Resources 📖 Links to online resources & tools we use during our web application / network security courses You can create a PR or open an issue if you think we missed a useful resource Short URL: gitio/secres Compass Security 🧭 Compass Security: compass-securitycom/de/ Compass Security Blog: blogcompass-securitycom/ Hacking

Collection of online security resources

Security Resources 📖 Links to online resources & tools we use during our web application / network security courses You can create a PR or open an issue if you think we missed a useful resource Short URL: gitio/secres Compass Security 🧭 Compass Security: compass-securitycom/de/ Compass Security Blog: blogcompass-securitycom/ Hacking

NVD-CWE-noinfo https://github.com/jpadilla/pyjwt/pull/277 http://www.debian.org/security/2017/dsa-3979 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873244 https://usn.ubuntu.com/3407-1/https://nvd.nist.gov

CVE-2017-11424

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect