CVE-2022-23505: Authentication Bypass for passport-wsfed-saml2
5.3
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.17038%
CWE
Published
12/13/2022
Updated
1/31/2023
KEV Status
No
Technology
JavaScript
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
passport-wsfed-saml2 | npm | < 4.6.3 | 4.6.3 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper assertion validation in WS-Fed token processing. The GitHub PR #179 shows the fix adds a check for exactly one Assertion element. Prior to 4.6.3, the library would process the first assertion without validating the count, enabling bypass if an attacker provided multiple assertions. The file path and vulnerability pattern match the CWE-287
(Improper Authentication) description, and the patch directly addresses this by adding assertion count validation.