- Description
- node SAML is a SAML 2.0 library based on the SAML implementation of passport-saml. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to node-saml version 4.0.0-beta5 or newer. Disabling SAML authentication may be done as a workaround.
- Source
- security-advisories@github.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 8.1
- Impact score
- 5.9
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:node_saml_project:node_saml:*:*:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "8ED97285-B7FC-4998-83F1-6F1F3B7D815D",
"versionEndExcluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:node_saml_project:node_saml:4.0.0:beta0:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "377E404E-64E0-4866-A7D3-7A9FFFCF5C58"
},
{
"criteria": "cpe:2.3:a:node_saml_project:node_saml:4.0.0:beta1:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "763349AA-60D1-4670-90F6-2175053A0258"
},
{
"criteria": "cpe:2.3:a:node_saml_project:node_saml:4.0.0:beta2:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "EC48DA5E-5FE9-4281-927E-CC6D5E6E1AF8"
},
{
"criteria": "cpe:2.3:a:node_saml_project:node_saml:4.0.0:beta3:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "DCBFE400-E3A3-489F-8A77-7416B3B018A8"
},
{
"criteria": "cpe:2.3:a:node_saml_project:node_saml:4.0.0:beta4:*:*:*:node.js:*:*",
"vulnerable": true,
"matchCriteriaId": "EA9A3CB3-780A-40CC-B1F6-DB42ACEC88B3"
}
],
"operator": "OR"
}
]
}
]