Site icon API Security Blog

Improper Authentication

org.apache.submarine:submarine-commons-utils is vulnerable to Improper Authentication. The vulnerability is caused by a hard-coded JSON Web Token (JWT) key (SUBMARINE_SECRET_12345678901234567890) within SubmarineConfVars.java, which allows attackers to generate unauthorized JWT tokens, bypass authentication, and potentially gain access to sensitive data and…Read More

Exit mobile version