scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token · GHSA-h6mp-mc7g-mg49 · GitHub Advisory Database · GitHub

scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token

High severity GitHub Reviewed Published May 21, 2024 to the GitHub Advisory Database

Package

scheb/two-factor-bundle (Composer)

Affected versions

>= 3.0.0, < 3.7.0

Patched versions

3.7.0

Description

Before version 3.7 the bundle is vulnerable to a security issue in JWT, which can be exploited by an attacker to generate trusted device cookies on their own, effectively by-passing two-factor authentication.

References

Published to the GitHub Advisory Database May 21, 2024

Reviewed May 21, 2024

Severity

High

7.4

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

High

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N