CVE-2022-23540 Overview
CVE-2022-23540 is an authentication bypass vulnerability in the Auth0 jsonwebtoken library for Node.js. In versions <=8.5.1, the lack of algorithm definition in the jwt.verify() function can lead to signature validation bypass due to defaulting to the none algorithm for signature verification. This allows attackers to forge JWT tokens without valid signatures, potentially gaining unauthorized access to protected resources.
Critical Impact
Attackers can bypass JWT signature validation by exploiting the default none algorithm behavior, allowing forged tokens to be accepted as valid, leading to authentication bypass and unauthorized access to protected systems.
Affected Products
- Auth0 jsonwebtoken library versions <=8.5.1 for Node.js
- Applications using jwt.verify() without explicitly specifying allowed algorithms
- Node.js applications relying on jsonwebtoken for authentication
Discovery Timeline
- 2022-12-22 - CVE-2022-23540 published to NVD
- 2025-02-13 - Last updated in NVD database
Technical Details for CVE-2022-23540
Vulnerability Analysis
This vulnerability stems from improper authentication logic in the jsonwebtoken library's signature verification process. When developers call jwt.verify() without explicitly defining which cryptographic algorithms are acceptable, the library defaults to accepting the none algorithm. The none algorithm, as defined in the JWT specification, indicates an unsigned token, meaning no cryptographic signature is required for validation.
This design flaw creates a critical authentication bypass scenario. An attacker can craft a malicious JWT token, set its algorithm header to none, remove or omit the signature portion entirely, and the vulnerable jwt.verify() function will accept it as valid. This effectively negates the entire purpose of JWT signature verification, which is to ensure token integrity and authenticity.
The vulnerability is classified under CWE-287 (Improper Authentication) and CWE-347 (Improper Verification of Cryptographic Signature), reflecting its dual nature as both an authentication and cryptographic validation failure.
Root Cause
The root cause is the library's default acceptance of the none algorithm when no specific algorithms are configured in the jwt.verify() options. This permissive default behavior violates the principle of secure defaults, as it allows unsigned tokens to pass verification unless developers explicitly restrict allowed algorithms.
Attack Vector
An attacker can exploit this vulnerability remotely over the network by:
- Intercepting or observing a legitimate JWT token structure
- Creating a forged JWT with arbitrary claims (e.g., elevated privileges, different user identity)
- Setting the token's alg header to none
- Omitting or leaving the signature portion empty
- Submitting the forged token to the vulnerable application
The vulnerable jwt.verify() call without algorithm specification will accept the unsigned token as valid, granting the attacker unauthorized access.
// Security patch adding Node.js version checks for asymmetric key support
const semver = require('semver');
module.exports = semver.satisfies(process.version, '>=15.7.0');
Source: GitHub Commit
// RSA-PSS key details support check added in security patch
const semver = require('semver');
module.exports = semver.satisfies(process.version, '>=16.9.0');
Source: GitHub Commit
Detection Methods for CVE-2022-23540
Indicators of Compromise
- JWT tokens with "alg": "none" appearing in authentication logs
- Tokens with missing or empty signature segments (tokens ending with a period followed by nothing)
- Unusual authentication patterns where token signatures don't match expected algorithm types
- Increased authentication success rates without corresponding valid credential usage
Detection Strategies
- Scan application dependencies for jsonwebtoken versions <=8.5.1 using npm audit or Snyk
- Implement logging that captures the algorithm used in each JWT verification attempt
- Deploy Web Application Firewalls (WAF) with rules to detect alg: none in JWT headers
- Use static code analysis tools to identify jwt.verify() calls without explicit algorithm parameters
Monitoring Recommendations
- Enable detailed authentication logging to capture JWT algorithm headers and verification outcomes
- Monitor for sudden increases in successful authentications without corresponding valid sessions
- Set up alerts for any JWT tokens processed with the none algorithm
- Review application logs for tokens with malformed or missing signature segments
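The token-level indicators above (a header alg of none, an empty signature segment) can be checked mechanically. The following is an added example, not code from the advisory or the jsonwebtoken project; the log lines, the token=<jwt> field format and the inspectJwt/scanLogLines names are constructed for the example.

```javascript
// Added example, not code from the advisory or the jsonwebtoken project.
// Flags the two token-level indicators listed above: a header alg of
// "none" and an empty signature segment. Log lines are constructed.
function decodeHeader(token) {
  try {
    // Node's base64 decoder also accepts the base64url alphabet and missing padding.
    return JSON.parse(Buffer.from(token.split('.')[0], 'base64').toString('utf8'));
  } catch {
    return null;
  }
}

function inspectJwt(token) {
  const parts = token.split('.');
  const header = parts.length === 3 ? decodeHeader(token) : null;
  const alg = header && typeof header.alg === 'string' ? header.alg : null;
  const findings = [];
  if (parts.length !== 3 || !header) findings.push('malformed');
  // Case-insensitive on purpose: a detection rule should not miss "None" or "NONE".
  if (alg !== null && alg.toLowerCase() === 'none') findings.push('alg-none');
  if (parts.length === 3 && parts[2] === '') findings.push('empty-signature');
  return { alg, findings };
}

// Extract "token=<jwt>" from each log line and keep only lines with findings.
const TOKEN_RE = /token=([A-Za-z0-9_-]*\.[A-Za-z0-9_-]*\.[A-Za-z0-9_-]*)/;
function scanLogLines(lines) {
  const hits = [];
  for (const line of lines) {
    const m = TOKEN_RE.exec(line);
    if (!m) continue;
    const result = inspectJwt(m[1]);
    if (result.findings.length > 0) hits.push({ line, ...result });
  }
  return hits;
}

// Constructed sample log (throwaway tokens assembled here; the signature on the first is a dummy).
const b64url = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
  .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');
const SAMPLE_LOG = [
  `2022-12-22T10:00:01Z auth ok user=alice token=${b64url({ alg: 'HS256', typ: 'JWT' })}.${b64url({ sub: 'alice' })}.ZHVtbXktc2ln`,
  `2022-12-22T10:00:07Z auth ok user=admin token=${b64url({ alg: 'none', typ: 'JWT' })}.${b64url({ sub: 'admin', role: 'admin' })}.`,
  `2022-12-22T10:00:09Z auth ok user=bob token=${b64url({ alg: 'NONE' })}.${b64url({ sub: 'bob' })}.`,
];
```

Running scanLogLines(SAMPLE_LOG) returns the second and third lines only, each tagged alg-none and empty-signature.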
How to Mitigate CVE-2022-23540
Immediate Actions Required
- Upgrade jsonwebtoken library to version 9.0.0 or later immediately
- Audit all jwt.verify() calls in your codebase to ensure explicit algorithm specification
- Add input validation to reject tokens with alg: none at the application level
- Review recent authentication logs for potential exploitation attempts
Patch Information
Auth0 has addressed this vulnerability in jsonwebtoken version 9.0.0, which removes the default support for the none algorithm in the jwt.verify() method. Users should update to version 9.0.0 or later to remediate this issue. The fix is available via the GitHub commit e1fa9dcc12054a8681db4e6373da1b30cf7016e3. Additional details are available in the GitHub Security Advisory.
Workarounds
- Explicitly specify allowed algorithms in all jwt.verify() calls (e.g., { algorithms: ['RS256'] })
- Implement middleware to reject any incoming JWT with alg header set to none
- Add pre-verification checks to validate the algorithm header before calling jwt.verify()
# Update jsonwebtoken to a patched version (npm update takes no version spec, so use install)
npm install jsonwebtoken@^9.0.0
# Or install the specific patched version
npm install jsonwebtoken@9.0.0
# Audit dependencies for vulnerable versions
npm audit
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

