Vulnerabilities > CVE-2020-36255 - Unspecified vulnerability in Identitymodel Project Identitymodel

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

identitymodel-project

NVD

Published: 2021-03-05

Updated: 2021-03-11

Summary

An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel) before 1.3.0. The Branca implementation allows an attacker to modify and forge authentication tokens.

Vulnerable Configurations

Part	Description	Count
Application	Identitymodel_Project Identitymodel Project Identitymodel *	1

References

https://github.com/scottbrady91/IdentityModel/compare/1.2.0...1.3.0
https://github.com/scottbrady91/IdentityModel/issues/3
https://github.com/scottbrady91/IdentityModel/issues/4