GHSA-c2jp-c369-7pvx: 
Model Context Protocol Schwachstellenanalyse und -minderung

FastMCP Auth Integration vulnerability (GHSA-c2jp-c369-7pvx) is a high-severity authentication bypass vulnerability discovered in FastMCP versions prior to 2.13.0. The vulnerability affects the authentication integration with Entra ID and other providers, where the FastMCP-hosted MCP server acts as an authorization provider. This security issue was published on October 28, 2025, and received a CVSS score of 7.3 (GitHub Advisory).

The vulnerability stems from FastMCP's handling of authorization flows when integrated with Entra ID. The FastMCP server acts as both an OAuth Client to the downstream authorization server and as an Authorization Server to the MCP client. The server hosts Protected Resource Metadata (PRM) and Authorization Server metadata, managing client-to-server authorization before delegating downstream effects to its redirect logic. The vulnerability exploits the persistence of Entra ID's browser cookie capturing authorization state, which prevents re-authorization prompts after initial consent (GitHub Advisory).

The vulnerability allows for a confused deputy account takeover, potentially leading to server account compromise. An attacker can exploit this vulnerability to gain unauthorized access to a victim's account on the MCP server, effectively impersonating the victim and accessing their resources (GitHub Advisory).

The vulnerability has been patched in FastMCP version 2.13.0. Users should upgrade to this version or later to protect against this security issue (GitHub Advisory).