Critical severity9.8NVD Advisory· Published Jan 31, 2025· Updated Jun 17, 2026
CVE-2024-53356
CVE-2024-53356
Description
Weak JWT Secret vulnerabilitiy in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote attackers to generate JWT for privilege escalation. The HMAC secret used for generating tokens is hardcoded as "somerandomaccesstoken". A weak HMAC secret poses a risk because attackers can use the predictable secret to create valid JSON Web Tokens (JWTs), allowing them access to important information and actions within the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
1- github.com/Elymaro/CVE/blob/main/EasyVirt/CVE-2024-53356.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.