CVE-2022-23541
Incorrect Verification of Tokens vulnerability in jsonwebtoken (npm)

Incorrect Verification of Tokens No known exploit Fixable By Resolved Security

What is CVE-2022-23541 About?

Vulnerable versions of the `jsonwebtoken` library can be misconfigured, leading to incorrect verification of JSON Web Tokens (JWTs). This allows attackers to forge tokens and have them successfully validated, resulting in authentication bypass. The vulnerability is moderately easy to exploit under specific misconfiguration conditions.

Affected Software

jsonwebtoken <9.0.0

Technical Details

The vulnerability in jsonwebtoken versions <=8.5.1 arises from a potential misconfiguration within the token verification process, specifically when the secretOrPublicKey argument provided to jwt.verify() is a poorly implemented key retrieval function. If an application supports both symmetric (e.g., HS256) and asymmetric (e.g., RSA) signing algorithms and uses a single, inadequately designed function to retrieve the secret or public key, an attacker can sign a token with an asymmetric private key but specify a symmetric algorithm (HS256) in the token header. Due to the misconfigured key retrieval, the verification function might then incorrectly attempt to verify the token using the provided public key interpreted as a symmetric secret for HS256, leading to successful validation of a forged token. This bypasses the intended cryptographic integrity checks.

What is the Impact of CVE-2022-23541?

Successful exploitation may allow attackers to forge valid authentication tokens, leading to authentication bypass, unauthorized access to user accounts, or privilege escalation.

What is the Exploitability of CVE-2022-23541?

Exploitation requires a specific misconfiguration in the jsonwebtoken library where a single key retrieval function handles both symmetric and asymmetric algorithms without proper distinction. An attacker would craft a JWT with a forged payload, sign it with an asymmetric key, and specify a symmetric algorithm header (like HS256). This is a remote attack. No specific authentication or privilege is required for the attacker to attempt to present a forged token, but the success depends on the vulnerable server-side configuration. The complexity is moderate, requiring an understanding of JWT structures and the specific misconfiguration. The likelihood of exploitation is higher in applications that dynamically select verification keys or algorithms based on token headers without strict validation or separation.

What are the Known Public Exploits?

PoC Author Link Commentary
No known exploits

What are the Available Fixes for CVE-2022-23541?

A Fix by Resolved Security Exists!

About the Fix from Resolved Security

This patch introduces explicit validation of asymmetric key types and their compatibility with the specified JWT algorithms, raising errors for unsupported or mismatched key/algorithm pairs. By doing so, it mitigates the risk identified in CVE-2022-23541, where attackers could exploit weak or incompatible keys (such as DSA or incorrect EC curves) to sign or verify JWTs, leading to potential security bypasses. The fix ensures only allowed key types and algorithm combinations are accepted, preventing unintended cryptographic downgrades or misuse.

Available Upgrade Options

  • jsonwebtoken
    • <9.0.0 → Upgrade to 9.0.0

Struggling with dependency upgrades?

See how Resolved Security's drop-in replacements make it simple.

Book a demo

Additional Resources

What are Similar Vulnerabilities to CVE-2022-23541?

Similar Vulnerabilities: CVE-2015-9235 , CVE-2016-10555 , CVE-2018-0114 , CVE-2018-1000531 , CVE-2019-14878

All Rights reserved 2025
Privacy Policy