CVE-2020-36255

7.5 HIGH

📋 TL;DR

CVE-2020-36255 is a vulnerability in the Branca token implementation of ScottBrady.IdentityModel that allows attackers to modify and forge authentication tokens. It affects applications that use ScottBrady.IdentityModel versions before 1.3.0 for authentication. Attackers could bypass authentication or impersonate users.

💻 Affected Systems

Products:
  • ScottBrady.IdentityModel (IdentityModel)
Versions: All versions before 1.3.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications using the Branca token implementation within IdentityModel.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete authentication bypass allowing attackers to impersonate any user, access sensitive data, or perform unauthorized administrative actions.

🟠 Likely Case

Authentication token forgery leading to unauthorized access to user accounts and potential privilege escalation.

🟢 If Mitigated

Limited impact with proper token validation and additional authentication layers in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an understanding of the Branca token format but is straightforward once that is understood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3.0

Vendor Advisory: https://github.com/scottbrady91/IdentityModel/compare/1.2.0...1.3.0

Restart Required: Yes

Instructions:

1. Update the ScottBrady.IdentityModel package to version 1.3.0 or later.
2. Restart the application.
3. Regenerate all existing Branca tokens.

🔧 Temporary Workarounds

Disable Branca tokens (applies to: all)

Temporarily disable Branca token authentication until patching is complete.

Implement additional token validation (applies to: all)

Add custom validation logic to verify token integrity beyond the vulnerable implementation.

🧯 If You Can't Patch

  • Implement network segmentation to isolate affected systems
  • Deploy Web Application Firewall (WAF) with token validation rules

🔍 How to Verify

Check if Vulnerable:

Check whether the ScottBrady.IdentityModel package version referenced in your project dependencies is below 1.3.0.

Check Version:

Check the NuGet package manager (or the PackageReference entries in your project files) for the installed ScottBrady.IdentityModel version.

Verify Fix Applied:

Verify that the ScottBrady.IdentityModel package version is 1.3.0 or higher, then test that token validation still behaves as expected.
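The version check above, as an added example that is not part of this advisory or of the IdentityModel project: a POSIX shell script that walks a directory tree for `.csproj` files, extracts the `Version` attribute of any `<PackageReference Include="ScottBrady.IdentityModel" ...>` element, and flags versions below the fixed release 1.3.0. It assumes the version is written inline on the PackageReference element (the `is_vulnerable_version`, `referenced_version` and `scan_project_dir` function names, and the sample project file it creates, are constructed for this example); projects using Central Package Management (`Directory.Packages.props`) or a child `<Version>` element are not handled and should be checked with `dotnet list package` instead.

```shell
#!/bin/sh
# Added example (not from the advisory): find .csproj files that reference
# ScottBrady.IdentityModel at a version below the fixed release 1.3.0.

FIXED_VERSION="1.3.0"

# version_lt A B: succeed (exit 0) when dotted numeric version A sorts strictly before B.
# Assumes plain major.minor.patch versions; prerelease suffixes are compared numerically
# on their leading digits only.
version_lt() {
    [ "$1" = "$2" ] && return 1
    first=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n1)
    [ "$first" = "$1" ]
}

# is_vulnerable_version V: succeed when V is below 1.3.0.
is_vulnerable_version() {
    version_lt "$1" "$FIXED_VERSION"
}

# referenced_version FILE: print the ScottBrady.IdentityModel version referenced in a
# .csproj (Include/Version in either attribute order); prints nothing if not referenced.
referenced_version() {
    sed -n \
        -e 's/.*<PackageReference[^>]*Include="ScottBrady.IdentityModel"[^>]*Version="\([^"]*\)".*/\1/p' \
        -e 's/.*<PackageReference[^>]*Version="\([^"]*\)"[^>]*Include="ScottBrady.IdentityModel".*/\1/p' \
        "$1" | head -n1
}

# scan_project_dir DIR: report every .csproj under DIR that references the package;
# exit status 1 if any reference is below the fixed version, 0 otherwise.
# (Paths containing whitespace are not handled by the word-split loop.)
scan_project_dir() {
    rc=0
    for f in $(find "$1" -name '*.csproj' 2>/dev/null); do
        v=$(referenced_version "$f")
        [ -n "$v" ] || continue
        if is_vulnerable_version "$v"; then
            echo "VULNERABLE: $f references ScottBrady.IdentityModel $v (< $FIXED_VERSION)"
            rc=1
        else
            echo "ok: $f references ScottBrady.IdentityModel $v"
        fi
    done
    return $rc
}

# Demo on a constructed sample project file (not a real project).
demo_dir=$(mktemp -d)
cat > "$demo_dir/Sample.csproj" <<'EOF'
<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="ScottBrady.IdentityModel" Version="1.2.0" />
  </ItemGroup>
</Project>
EOF
scan_project_dir "$demo_dir" || echo "action: upgrade ScottBrady.IdentityModel to $FIXED_VERSION or later"
rm -rf "$demo_dir"
```

Run it against a source tree with `scan_project_dir /path/to/repos`; a non-zero exit status makes it usable as a CI gate until every project has moved to 1.3.0 or later.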

📡 Detection & Monitoring

Log Indicators:

  • Unexpected authentication failures
  • Multiple failed token validation attempts
  • Authentication from unusual locations

Network Indicators:

  • Unusual authentication patterns
  • Token reuse from different IPs

SIEM Query:

Authentication logs where token validation fails or succeeds unexpectedly

🔗 References