CVE-2023-20238 - Breaking Down the Cisco BroadWorks SSO Token Flaw
---
Cisco’s BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform are widely used in the telecommunications industry. In 2023, a significant vulnerability was
CVE-2023-40171 - How a JWT Secret Leak in Dispatch Could Lead to Full Account Takeover
---
Overview
In mid-2023, a critical security vulnerability was discovered in Dispatch, an open-source incident management solution. Tracked as CVE-2023-40171, this flaw could allow attackers
CVE-2023-3518 - Critical JWT Auth Flaw in HashiCorp Consul 1.16. Service Mesh (Exclusive Deep Dive)
---
In June 2023, a serious security issue was discovered in HashiCorp's popular Consul and Consul Enterprise (version 1.16.), specifically tied to its
CVE-2023-33371 - How Hardcoded JWT Key in Control ID IDSecure 4.7.26. Lets Attackers Bypass Authentication
---
CVE-2023-33371 is a newly disclosed and critical vulnerability found in Control ID IDSecure versions 4.7.26. and earlier. The core issue? The software uses
CVE-2023-35134 - Password Reset in Weintek Weincloud v.13.6 with Only a JWT Token
---
In this post, we’ll break down a real-world vulnerability: CVE-2023-35134. Found in Weintek Weincloud v.13.6, this flaw lets an attacker reset a