Vulnerability Description
Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cobbr | Covenant | >= 0.1.3, <= 0.5 |
Related Weaknesses (CWE)
References
- https://cobbr.io/Covenant.htmlBroken Link
- https://github.com/Zeop-CyberSec/covenant_rce/blob/master/covenant_jwt_rce.rbProduct
- https://github.com/cobbr/CovenantProduct
- https://web.archive.org/web/20201013165001/https://twitter.com/cobbr_io/status/1Issue Tracking
- https://web.archive.org/web/20201101052547/https://blog.null.farm/hunting-the-huExploitThird Party Advisory
- https://www.exploit-db.com/exploits/51141Exploit
- https://www.vulncheck.com/advisories/covenant-remote-code-execution-rceThird Party Advisory
- https://github.com/Zeop-CyberSec/covenant_rce/blob/master/covenant_jwt_rce.rbProduct
- https://web.archive.org/web/20201101052547/https://blog.null.farm/hunting-the-huExploitThird Party Advisory
FAQ
What is CVE-2020-36911?
CVE-2020-36911 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin ...
How severe is CVE-2020-36911?
CVE-2020-36911 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-36911?
Check the references section above for vendor advisories and patch information. Affected products include: Cobbr Covenant.