{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-14T06:42:59.672","vulnerabilities":[{"cve":{"id":"CVE-2022-23505","sourceIdentifier":"security-advisories@github.com","published":"2022-12-13T08:15:09.067","lastModified":"2024-11-21T06:48:42.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed assertion. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. This issue is patched in version 4.6.3. Use of SAML2 authentication instead of WSFed is a workaround."},{"lang":"es","value":"Passport-wsfed-saml2 es un protocolo ws-federation y un proveedor de autenticación de tokens SAML2 para Passport. En versiones anteriores a la 4.6.3, un atacante remoto podría eludir la autenticación WSFed en un sitio web utilizando passport-wsfed-saml2. Un ataque exitoso requiere que el atacante esté en posesión de una afirmación arbitraria firmada por un IDP. Dependiendo del IDP utilizado, los ataques totalmente no autenticados (por ejemplo, sin acceso a un usuario válido) también podrían ser factibles si se puede activar la generación de un mensaje firmado. Este problema se solucionó en la versión 4.6.3. El uso de la autenticación SAML2 en lugar de WSFed es un workaround."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:auth0:passport-wsfed-saml2:*:*:*:*:*:*:*:*","versionEndIncluding":"4.6.2","matchCriteriaId":"2E8A3AEF-D586-4136-82E9-966CC3CDC5AE"}]}]}],"references":[{"url":"https://github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-ppjq-qxhx-m25f","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-ppjq-qxhx-m25f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}