CVE-2020-26160 - OpenCVE

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jwt-go Project	Jwt-go
Redhat	Container Native Virtualization Cryostat Openshift Openshift Container Storage Serverless

Configuration 1 [-]

cpe:2.3:a:jwt-go_project:jwt-go:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Cryostat 2 on RHEL 8
cryostat-20-tech-preview/cryostat-operator-bundle:2.0.0-6.1639085863	cpe:/a:redhat:cryostat:2::el8	RHSA-2021:5110	2021-12-14T00:00:00Z
cryostat-20-tech-preview/cryostat-rhel8-operator:2.0.0-5	cpe:/a:redhat:cryostat:2::el8	RHSA-2021:5110	2021-12-14T00:00:00Z
Openshift Serveless 1.13
openshift-serverless-1/client-kn-rhel8:0.19.1-4	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-controller-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-mtbroker-filter-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-mtbroker-ingress-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-mtchannel-broker-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-mtping-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-storage-version-migration-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-sugar-controller-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/eventing-webhook-rhel8:0.19.2-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/ingress-rhel8-operator:1.13.0-6	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/knative-rhel8-operator:1.13.0-6	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/kn-cli-artifacts-rhel8:0.19.1-2	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/kourier-control-rhel8:0.19.0-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serverless-operator-bundle:1.13.0-9	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serverless-rhel8-operator:1.13.0-6	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-activator-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-autoscaler-hpa-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-autoscaler-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-controller-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-domain-mapping-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-domain-mapping-webhook-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-queue-rhel8:0.19.0-6	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-storage-version-migration-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/serving-webhook-rhel8:0.19.0-5	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
openshift-serverless-1/svls-must-gather-rhel8:1.13.0-3	cpe:/a:redhat:serverless:1.13::el8	RHSA-2021:0516	2021-02-18T00:00:00Z
Red Hat OpenShift Container Platform 4.7
openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0	cpe:/a:redhat:openshift:4.7::el8	RHSA-2020:5633	2021-02-24T00:00:00Z
Red Hat OpenShift Container Platform 4.8
openshift4/ose-baremetal-installer-rhel8:v4.8.0-202106291913.p0.git.a5ddd2d.assembly.stream	cpe:/a:redhat:openshift:4.8::el8	RHSA-2021:2438	2021-07-27T00:00:00Z
openshift4/ose-etcd:v4.8.0-202106152230.p0.git.aefa6bf.assembly.stream	cpe:/a:redhat:openshift:4.8::el8	RHSA-2021:2438	2021-07-27T00:00:00Z
Red Hat OpenShift Container Storage 4.7.0 on RHEL-8
ocs4/mcg-rhel8-operator:5.7.0-69.85e2026.5.7	cpe:/a:redhat:openshift_container_storage:4.7::el8	RHSA-2021:2041	2021-05-19T00:00:00Z
mcg-0:5.7.0-69.85e2026.5.7.el8	cpe:/a:redhat:openshift_container_storage:4.7::el8	RHSA-2021:2042	2021-05-19T00:00:00Z
Red Hat OpenShift Virtualization 2
kubevirt-cpu-model-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-cpu-node-labeller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-kvm-info-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
vm-import-controller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z

References

Link	Providers
https://github.com/dgrijalva/jwt-go/pull/426
https://nvd.nist.gov/vuln/detail/CVE-2020-26160
https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
https://www.cve.org/CVERecord?id=CVE-2020-26160

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-09-30T12:57:10

Updated: 2024-08-04T15:49:07.136Z

Reserved: 2020-09-30T00:00:00

Link: CVE-2020-26160

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-09-30T18:15:27.397

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-26160

Redhat

Severity : Moderate

Publid Date: 2020-09-15T00:00:00Z

Links: CVE-2020-26160 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object