9.1

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-gcgw-q47m-prvj

EPSS Score

CWE

CWE-269

Published

12/12/2023

Updated

9/30/2024

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-gcgw-q47m-prvj

GHSA-gcgw-q47m-prvj: Duplicate Advisory: Improper JWT Signature Validation in SAP Security Services Library

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-59c9-pxq8-9c73. This link is maintained to preserve external references.

Original Description

SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application.

(GitHub Advisory)

9.1

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-gcgw-q47m-prvj

EPSS Score

CWE

CWE-269

Published

12/12/2023

Updated

9/30/2024

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.sap.cloud.security:java-security	maven	< 2.17.0	2.17.0
com.sap.cloud.security:java-security	maven	>= 3.0.0, < 3.3.0	3.3.0
com.sap.cloud.security.xsuaa:spring-xsuaa	maven	< 2.17.0	2.17.0
com.sap.cloud.security.xsuaa:spring-xsuaa	maven	>= 3.0.0, < 3.3.0	3.3.0
com.sap.cloud.security:spring-security	maven	< 2.17.0	2.17.0
com.sap.cloud.security:spring-security	maven	>= 3.0.0, < 3.3.0	3.3.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability centers on JWT validation flaws enabling privilege escalation. Key functions were identified by: 1) Core token validation entry points (Token.validate), 2) Spring Security integration points (XsuaaJwtDecoder.decode), and 3) Servlet authentication handlers (XsuaaTokenAuthenticator.authenticate). The high confidence for Token.validate stems from its direct role in signature verification as described in advisories. Other functions are medium confidence based on architectural position and CWE mappings, though exact patch changes aren't visible.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

## *upli**t* **visory T*is **visory **s ***n wit**r*wn ****us* it is * *upli**t* o* **S*-****-pxq*-****. T*is link is m*int*in** to pr*s*rv* *xt*rn*l r***r*n**s. ## Ori*in*l **s*ription S*P *TP S**urity S*rvi**s Int**r*tion Li*r*ry ([J*v*] *lou*-s**

Reasoning

T** vuln*r**ility **nt*rs on JWT v*li**tion *l*ws *n**lin* privil*** *s**l*tion. K*y *un*tions w*r* i**nti*i** *y: *) *or* tok*n `v*li**tion` *ntry points (`Tok*n.v*li**t*`), *) Sprin* S**urity int**r*tion points (`Xsu**Jwt***o**r.***o**`), *n* *) S*

9.1

Basic Information

Concerned about an active attack path?

GHSA-gcgw-q47m-prvj: Duplicate Advisory: Improper JWT Signature Validation in SAP Security Services Library

Duplicate Advisory

Original Description

9.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI