Vulnerability Description
Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed assertion. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. This issue is patched in version 4.6.3. Use of SAML2 authentication instead of WSFed is a workaround.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Auth0 | Passport-Wsfed-Saml2 | <= 4.6.2 |
Related Weaknesses (CWE)
References
- https://github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-ppjq-qxhxThird Party Advisory
- https://github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-ppjq-qxhxThird Party Advisory
FAQ
What is CVE-2022-23505?
CVE-2022-23505 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a we...
How severe is CVE-2022-23505?
CVE-2022-23505 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-23505?
Check the references section above for vendor advisories and patch information. Affected products include: Auth0 Passport-Wsfed-Saml2.