CVE-2020-26172

Published: Dec 18, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploitability: 3.9 / Impact: 2.5

Source: NVD

Description

Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows an attacker to reuse the token when a session is active. The JWT token does not contain an expiration timestamp.

Affected (1)

Products: Tangro: Business Workflow

Tangro

1 product

Business Workflow

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tangro Business Workflow	Before 1.18.1

Related CWEs

CWE-294

Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

References (4)

https://blog.to.com/advisory-tangro-bwf-1-17-5-multiple-vulnerabilities/

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.tangro.de/

Source: cve@mitre.org

Product

https://blog.to.com/advisory-tangro-bwf-1-17-5-multiple-vulnerabilities/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.tangro.de/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.