
Security Test: JWT Signature check

Description

Default Severity:

JWTs rely on a signature, computed with a secret key, to ensure that the token has not been tampered with. When a server accepts a token whose signature is incorrect, the verification step is broken, and an attacker can change claims in the token (user id, role, scopes) without the change being detected. The danger is that attackers could impersonate users, escalate privileges, or access resources they should not by exploiting that weak signature check. Common mistakes include accepting lax algorithms (such as "none" or an algorithm chosen by the token itself), decoding the token without enforcing signature verification, and misusing the JWT library (for example calling a decode function that does not verify). Left unaddressed, this vulnerability lets unauthorized parties bypass authentication and authorization controls.
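
The following is an added, self-contained example (not code from this page or from the scanner it documents) of what this check exercises: a valid HS256 token is issued, its payload is modified while the original signature is kept, and two verifiers are compared. The lax verifier (a decode that never checks the signature) accepts the modified claims; the strict verifier pins the algorithm and compares the HMAC in constant time, so it rejects the modified token and also any token whose header declares "none". The secret key, the claims, and the helper names are constructed for this example and are not assumed to exist in any real system.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key; a real service would load this from a secret store.
SECRET = b"constructed-demo-secret-do-not-use"


def b64url_encode(data: bytes) -> str:
    """Base64url without padding, as required by the JWT spec."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(s: str) -> bytes:
    """Re-add padding before decoding base64url."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_hs256(payload: dict, key: bytes) -> str:
    """Issue a JWT signed with HMAC-SHA256 over header.payload."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (
        b64url_encode(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    )
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def weak_decode(token: str, key: bytes) -> dict:
    """Flawed verifier: returns the claims without ever checking the signature."""
    parts = token.split(".")
    return json.loads(b64url_decode(parts[1]))


def strict_verify(token: str, key: bytes) -> dict:
    """Correct verifier: pins the algorithm and checks the HMAC before trusting claims."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    # Never let the token choose its own algorithm; this also rejects "none".
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(
        key, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256
    ).digest()
    # Constant-time comparison avoids leaking the signature through timing.
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_b64))


def with_modified_claim(token: str, claim: str, value) -> str:
    """Constructed test input: change one claim but keep the original signature."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    payload = json.loads(b64url_decode(payload_b64))
    payload[claim] = value
    new_payload_b64 = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    return f"{header_b64}.{new_payload_b64}.{sig_b64}"


def verifier_is_sound(verify) -> bool:
    """Return True only if `verify` accepts a genuine token and rejects a modified one."""
    genuine = sign_hs256({"sub": "alice", "role": "user"}, SECRET)
    modified = with_modified_claim(genuine, "role", "admin")
    try:
        if verify(genuine, SECRET).get("role") != "user":
            return False
    except ValueError:
        return False
    try:
        verify(modified, SECRET)
    except ValueError:
        return True  # rejected the bad signature, as it should
    return False  # accepted claims that were not signed


if __name__ == "__main__":
    print("weak_decode sound:", verifier_is_sound(weak_decode))      # False
    print("strict_verify sound:", verifier_is_sound(strict_verify))  # True
```

The test fixture mirrors the check's logic: if a server returns the same authorized response for the genuine and the modified token, its signature verification is not being enforced. The fix is always on the verifier side (pin the algorithm, verify before decoding, use the library's verifying call), never on the token format.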

Reference:

Configuration

Identifier: injection/jwt_sign_check

Examples

All configuration available:

checks:
  injection/jwt_sign_check:
    skip: false # default

Compliance and Standards

Standard            Value
OWASP API Top 10    API2:2023
OWASP LLM Top 10    LLM06:2023
PCI DSS             6.5.10
GDPR                Article-32
SOC2                CC1
PSD2                Article-95
ISO 27001           A.14.2
NIST                SP800-63B
FedRAMP             SI-7
CWE                 347
CVSS Vector         AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
CVSS Score          9.3