CVE-2022-39299
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/10/2022
Last modified:
20/01/2023
Description
Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround.
Impact
Base Score 3.x
8.10
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:passport-saml_project:passport-saml:*:*:*:*:*:node.js:*:* | 3.2.2 (excluding) | |
| cpe:2.3:a:passport-saml_project:passport-saml:4.0.0:beta1:*:*:*:node.js:*:* | ||
| cpe:2.3:a:passport-saml_project:passport-saml:4.0.0:beta2:*:*:*:node.js:*:* | ||
| cpe:2.3:a:passport-saml_project:passport-saml:4.0.0:beta3:*:*:*:node.js:*:* | ||
| cpe:2.3:a:passport-saml_project:passport-saml:4.0.0:beta4:*:*:*:node.js:*:* |
To consult the complete list of CPE names with products and versions, see this page