Strapi Cognito provider Authentication Bypass (CVE-2023-22893)

Description

AWS Cognito login provider of Strapi is vulnerable to an authentication bypass vulnerability due to a lack of JWT signature verification. It allows unauthenticated users to compromise the system.

Remediation

Upgrade to the latest version of Strapi

References

Security Disclosure of Vulnerabilities: CVE-2023-22893, CVE-2023-22621, and CVE-2023-22894

Multiple Critical Vulnerabilities in Strapi Versions <=4.7.1

Related Vulnerabilities

WordPress Plugin WP Migrate DB Security Bypass (0.6)

WordPress Plugin Premmerce Wholesale Pricing for WooCommerce Security Bypass (1.1.3)

JWT Signature Bypass via kid SQL injection

Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.4.4)

Joomla! Core Security Bypass (2.5.0 - 3.9.19)

Severity

High

Classification

CVE-2023-22893 CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N