Описание
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions.
EPSS
Процентиль: 15%
0.00048
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-347
Связанные уязвимости
CVSS3: 9.8
github
около 2 месяцев назад
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions.
EPSS
Процентиль: 15%
0.00048
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-347