An open API service providing security vulnerability metadata for many open source software ecosystems.

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczanAtM2M2Ny1oamZ2

Severity: High
EPSS: 0.10511% (0.92551 percentile)

Authentication Bypass in passport-azure-ad

Affected package: npm:passport-azure-ad (PURL: pkg:npm/passport-azure-ad)
Affected versions: = 2.0.0; >= 1.0.0, < 1.4.6
Fixed versions: 2.0.1, 1.4.6
Dependent packages: 79
Dependent repositories: 559
Downloads last month: 768,506

Affected Version Ranges

All affected versions

1.0.0, 1.1.0, 1.1.1, 1.2.0, 1.2.1, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.4.0, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 2.0.0

All unaffected versions

0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 1.4.6, 1.4.7, 1.4.8, 2.0.1, 2.0.2, 2.0.3, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, 3.0.12, 4.0.0, 4.1.0, 4.2.0, 4.2.1, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5

Affected versions of passport-azure-ad do not recognize the validateIssuer setting, which allows remote attackers to bypass authentication via a crafted token.

Recommendation

Version 1.x: Update to version 1.4.6 or later.
Version 2.x: Update to version 2.0.1 or later.
