Impact
n8n before version 2.8.0 contains an authentication bypass: an authenticated SSO user can disable the instance's SSO enforcement through the API, then create local password credentials and log in with them directly, circumventing the organization's SSO policy and any multi-factor authentication enforced at the identity provider. The root cause is an authorization flaw (CWE-285) that can lead to unauthorized credential creation and potential privilege escalation.
Affected Systems
The affected product is the n8n workflow automation platform. All releases prior to 2.8.0 are affected; no later version has been documented as vulnerable.
Risk and Exploitability
The CVSS score of 6 indicates moderate severity. No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. Because exploitation requires an existing authenticated SSO account and the ability to send API requests, the likely vector is remote API exploitation from an account that already has access. Such a user can disable SSO enforcement, create a local login, and then use that login to bypass MFA and the other controls applied at the identity provider, potentially enabling lateral movement or elevated privileges.
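The flaw described in the Impact and Risk sections is, at its core, a missing role check on an endpoint that changes an org-wide security control. The following is an added illustration written for this page, not n8n's own code: a minimal model of the pre-fix behaviour beside a hardened version, with the role names, function names and settings shape all assumed for the example.

```typescript
// Added illustration, not n8n's code: a minimal model of the flaw described
// above and of the check that closes it. The role names, function names and
// settings shape are assumptions made for this example.

type Role = 'owner' | 'member';
interface Session { userId: string; role: Role; viaSso: boolean }
interface Settings { ssoEnforced: boolean }
interface Result { ok: boolean; reason?: string }

// Pre-fix model: the SSO-enforcement toggle only checks that a session exists,
// so any authenticated SSO user can switch enforcement off.
function disableSsoEnforcementVulnerable(session: Session | null, settings: Settings): Result {
  if (!session) return { ok: false, reason: 'unauthenticated' };
  settings.ssoEnforced = false;
  return { ok: true };
}

// Hardened model: an org-wide security control may only be changed by the
// instance owner; ordinary members get a 403-style refusal.
function disableSsoEnforcementHardened(session: Session | null, settings: Settings): Result {
  if (!session) return { ok: false, reason: 'unauthenticated' };
  if (session.role !== 'owner') return { ok: false, reason: 'forbidden: owner role required' };
  settings.ssoEnforced = false;
  return { ok: true };
}

// Local password credentials are refused while SSO is enforced, so the second
// half of the bypass depends entirely on the first half succeeding.
function createLocalCredential(session: Session | null, settings: Settings): Result {
  if (!session) return { ok: false, reason: 'unauthenticated' };
  if (settings.ssoEnforced) return { ok: false, reason: 'forbidden: SSO enforcement is on' };
  return { ok: true };
}

type ToggleFn = (s: Session | null, st: Settings) => Result;

// Replays the advisory's scenario: an SSO member tries to switch enforcement
// off and then create a local login. Returns true if the bypass succeeds.
function memberBypassSucceeds(disable: ToggleFn): boolean {
  const member: Session = { userId: 'u-42', role: 'member', viaSso: true }; // constructed sample
  const settings: Settings = { ssoEnforced: true };
  const toggled = disable(member, settings);
  if (!toggled.ok) return false;
  return createLocalCredential(member, settings).ok;
}

console.log('vulnerable model bypassed:', memberBypassSucceeds(disableSsoEnforcementVulnerable)); // true
console.log('hardened model bypassed:', memberBypassSucceeds(disableSsoEnforcementHardened));     // false
```

The practical check for defenders is the same one the hardened function makes explicit: any API route that alters SSO enforcement must require the owner role, and local credential creation must be refused while enforcement is on.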
OpenCVE Enrichment