Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation. This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4.
Published: 2026-02-04
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass leading to Privilege Escalation
Action: Patch Now
AI Analysis

Impact

This vulnerability allows an attacker to bypass the standard authentication flow of the Microsoft Entra ID SSO Login integration for Drupal by reaching the application through an alternate path or channel that is not subject to the intended checks, and thereby to obtain higher privileges than intended. The weakness is classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel). The result is that an attacker can authenticate as a privileged user without supplying valid credentials.

Affected Systems

Drupal sites running the Microsoft Entra ID SSO Login module before version 1.0.4 are vulnerable. The affected module versions span from the initial release (0.0.0) through the pre-1.0.4 series.

Risk and Exploitability

The CVSS score is 6.5 (Medium). The EPSS score is below 1%, indicating that exploitation is currently expected to be rare. This issue is not listed in the CISA Known Exploited Vulnerabilities catalog. The CVSS vector (AV:N/AC:L/PR:N/UI:N) describes a remote, low-complexity attack that requires neither prior privileges nor user interaction, most likely delivered as web requests to the SSO login endpoint. An attacker triggers the bypass by submitting a request that follows the unvalidated alternate channel.

Generated by OpenCVE AI on April 17, 2026 at 23:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Microsoft Entra ID SSO Login to version 1.0.4 or later as released by Drupal.
  • If an update is not yet available, limit access to the SSO login endpoint by placing it behind a firewall or VPN to reduce exposure to untrusted networks.
  • Continuously monitor authentication logs for abnormal login attempts or successful logins that result in elevated privileges, and investigate any suspicious activity promptly.

Generated by OpenCVE AI on April 17, 2026 at 23:14 UTC.

Tracking


Advisories

No advisories yet.

References
History

Wed, 11 Feb 2026 19:30:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Jaseerkinangattil; Jaseerkinangattil microsoft Entra Id Sso Login
CPEs | | cpe:2.3:a:jaseerkinangattil:microsoft_entra_id_sso_login:*:*:*:*:*:drupal:*:*
Vendors & Products | | Jaseerkinangattil; Jaseerkinangattil microsoft Entra Id Sso Login

Thu, 05 Feb 2026 11:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Drupal; Drupal microsoft Entra Id Sso Login
Vendors & Products | | Drupal; Drupal microsoft Entra Id Sso Login

Wed, 04 Feb 2026 22:15:00 +0000

Type | Values Removed | Values Added
Metrics | | cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Feb 2026 20:45:00 +0000

Type | Values Removed | Values Added
Description | | Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation. This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4.
Title | | Microsoft Entra ID SSO Login - Critical - Access bypass - SA-CONTRIB-2026-005
Weaknesses | | CWE-288
References | |

Subscriptions

Drupal Microsoft Entra Id Sso Login
Jaseerkinangattil Microsoft Entra Id Sso Login
MITRE

Status: PUBLISHED

Assigner: drupal

Published:

Updated: 2026-02-04T21:23:18.337Z

Reserved: 2026-01-14T16:52:33.298Z

Link: CVE-2026-0948

Vulnrichment

Updated: 2026-02-04T21:22:13.568Z

NVD

Status : Analyzed

Published: 2026-02-04T21:15:59.143

Modified: 2026-02-11T19:19:14.273

Link: CVE-2026-0948

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T23:15:30Z

Weaknesses