CVE-2025-27370

Published Mar 3, 2025

Last updated a month ago

Overview

Description
OpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations. When the private_key_jwt authentication mechanism is used, a malicious Authorization Server could trick a Client into writing attacker-controlled values into the audience, including token endpoints or issuer identifiers of other Authorization Servers. The malicious Authorization Server could then use these private key JWTs to impersonate the Client.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.9
Impact score: 4.7
Exploitability score: 1.6
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
Severity: MEDIUM

Weaknesses

cve@mitre.org
CWE-305
