CVE-2022-39299
Summary
| CVE | CVE-2022-39299 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-10-12 21:15:00 UTC |
|---|
| Updated | 2023-01-20 14:24:00 UTC |
|---|
| Description | Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Merge pull request from GHSA-m974-647v-whv7 · node-saml/passport-saml@8b7e3f5 · GitHub |
MISC |
github.com |
|
| Node-saml Root Element Signature Bypass ≈ Packet Storm |
MISC |
packetstormsecurity.com |
|
| Signature bypass via multiple root elements · Advisory · node-saml/passport-saml · GitHub |
CONFIRM |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181457 Debian Security Update for node-xmldom (DLA 3260-1)
- 377811 Node-saml/passport-saml NPM Package Authentication Bypass Vulnerability (GHSA-m974-647v-whv7)
