Critical severity9.8NVD Advisory· Published Aug 3, 2023· Updated Jun 17, 2026
CVE-2023-33371
CVE-2023-33371
Description
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Control ID/IDSecuredescription
Patches
Vulnerability mechanics
References
2- claroty.com/team82/disclosure-dashboard/cve-2023-33371nvdThird Party Advisory
- www.controlid.com.br/en/access-control/idsecure/nvdVendor Advisory
News mentions
0No linked articles in our index yet.