Passport-wsfed-saml2 vulnerable to Authentication Bypass for WSFed authentication
Description
Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed assertion. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. This issue is patched in version 4.6.3. Use of SAML2 authentication instead of WSFed is a workaround.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
passport-wsfed-saml2npm | < 4.6.3 | 4.6.3 |
Affected products
2- Range: < 4.6.3
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-ppjq-qxhx-m25fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-23505ghsaADVISORY
- github.com/auth0/passport-wsfed-saml2/pull/179ghsaWEB
- github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-ppjq-qxhx-m25fghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.