CRITICAL🇵🇱 Wersja polska

CVE-2026-42869

CVSS 10.0v3.1pub. 2026-05-11upd. 2026-05-13

SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback value in backend/app/auth/utils.py:28 and ships it verbatim in .env.example. Any deployment where JWT_SECRET is not explicitly set — including the default Docker Compose setup — signs all authentication tokens with this publicly known value. An unauthenticated attacker can forge arbitrary admin-scoped JWTs and gain full control of the application and every security tool it manages without any credentials. This vulnerability is fixed in 0.1.57.

🤖 AI Analysis
How it works

The application defines a hardcoded JWT secret value as a fallback in the backend/app/auth/utils.py file (line 28), and places the same value in the .env.example file. In the default Docker Compose configuration, the JWT_SECRET variable is not overridden by the operator, so all authentication tokens are signed with a publicly known secret. An attacker, knowing this secret, can independently generate a JWT token with administrator role and authenticate to the application without knowing any credentials.

Impact

An attacker gains unrestricted administrative access to the CoPilot application and all integrated security tools, which includes full confidentiality, integrity, and availability of data and managed systems.

Mitigation & patch

Update SOCFortress CoPilot to version 0.1.57 or later. Additionally, regardless of the update, immediately set a unique and random value for the JWT_SECRET environment variable in all deployments and invalidate all previously issued JWT tokens.

Who is affected

SOCFortress CoPilot in all versions before 0.1.57, particularly deployments using the default Docker Compose configuration where the JWT_SECRET environment variable has not been explicitly set.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth BypassContainer
CWE
References