8.1

CVSS Score

3.0

Basic Information

CVE ID

GHSA ID

GHSA-7fpw-cfc4-3p2c

EPSS Score

CWE

CWE-290

Published

12/28/2017

Updated

6/21/2023

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-7fpw-cfc4-3p2c

GHSA-7fpw-cfc4-3p2c: Duplicate advisory: High severity vulnerability that affects passport-wsfed-saml2

Duplicate advisory

This advisory has been withdrawn because it is a duplicate of GHSA-77fw-rf4v-vfp9. This link is maintained to preserve external references.

Original Description

A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity provider does not sign the full SAML response (e.g., only signs the assertion within the response).

(GitHub Advisory)

8.1

CVSS Score

3.0

Basic Information

CVE ID

GHSA ID

GHSA-7fpw-cfc4-3p2c

EPSS Score

CWE

CWE-290

Published

12/28/2017

Updated

6/21/2023

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
passport-wsfed-saml2	npm	< 3.0.5	3.0.5

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper SAML response validation where only assertion signatures were checked. The Auth0 bulletin explicitly mentions XPath expression improvements and response/assertion wrapping attack prevention. These would require modifications to the core SAML processing functions - validateSignature for signature scope validation and parseResponse for proper element extraction. The functions are named based on standard SAML processing patterns in Passport.js strategies and Auth0's remediation description.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

## *upli**t* **visory T*is **visory **s ***n wit**r*wn ****us* it is * *upli**t* o* **S*-***w-r**v-v*p*. T*is link is m*int*in** to pr*s*rv* *xt*rn*l r***r*n**s. ## Ori*in*l **s*ription * vuln*r**ility **s ***n *is*ov*r** in t** *ut** p*ssport-ws***

Reasoning

T** vuln*r**ility st*ms *rom improp*r S*ML r*spons* v*li**tion w**r* only *ss*rtion si*n*tur*s w*r* ****k**. T** *ut** *ull*tin *xpli*itly m*ntions XP*t* *xpr*ssion improv*m*nts *n* r*spons*/*ss*rtion wr*ppin* *tt**k pr*v*ntion. T**s* woul* r*quir* m

8.1

Basic Information

Concerned about an active attack path?

GHSA-7fpw-cfc4-3p2c: Duplicate advisory: High severity vulnerability that affects passport-wsfed-saml2

Duplicate advisory

Original Description

8.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI