Severity: HIGH (7.7) · Ecosystem: RubyGems

OmniAuth-SAML authentication bypass via incorrect XML canonicalization and DOM traversal

GHSA-94hm-8q65-rmxm · CVE-2017-11430


Description

OmniAuth-SAML 1.9.0 and earlier may use the results of XML DOM traversal and canonicalization APIs inconsistently, so that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, potentially bypassing authentication to SAML service providers.
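The following is an added illustration of the defect class the description names, not code from omniauth-saml or from the advisory. It uses Ruby's bundled REXML parser on a constructed, unsigned assertion fragment (the element names follow the SAML 2.0 assertion namespace; the NameID value itself is made up). The point it makes is the one in the description: a comment-stripping canonicalization covers the whole NameID text, while a DOM lookup that reads only the first text node sees a shorter value, so the two "views" of the signed data disagree. The hardened extractor reads every text node and rejects any NameID whose children are not plain text.

```ruby
require 'rexml/document'

SAML_NS = 'urn:oasis:names:tc:SAML:2.0:assertion'

# Constructed sample (not from the advisory): the NameID text is interrupted
# by an XML comment, so the DOM holds two adjacent text nodes, not one.
SAMPLE_ASSERTION = <<~XML
  <saml:Assertion xmlns:saml="#{SAML_NS}">
    <saml:Subject>
      <saml:NameID>alice@example.com<!-- constructed -->.example.org</saml:NameID>
    </saml:Subject>
  </saml:Assertion>
XML

# Constructed well-formed sample with a single text node.
CLEAN_ASSERTION = <<~XML
  <saml:Assertion xmlns:saml="#{SAML_NS}">
    <saml:Subject>
      <saml:NameID>alice@example.com</saml:NameID>
    </saml:Subject>
  </saml:Assertion>
XML

def name_id_element(xml)
  doc = REXML::Document.new(xml)
  REXML::XPath.first(doc, '//saml:NameID', 'saml' => SAML_NS)
end

# Fragile DOM traversal: take the first text node only. Text after a comment
# is silently dropped.
def naive_name_id(xml)
  el = name_id_element(xml)
  el&.texts&.first&.value
end

# What a comment-stripping canonicalization (and therefore the signature)
# effectively covers: the concatenation of all text nodes.
def signed_view_name_id(xml)
  el = name_id_element(xml)
  el&.texts&.map(&:value)&.join
end

# Hardened extraction: use the full text content and refuse NameIDs that
# contain anything other than text children (comments, nested elements).
def strict_name_id(xml)
  el = name_id_element(xml)
  raise ArgumentError, 'NameID missing' if el.nil?
  unless el.children.all? { |c| c.is_a?(REXML::Text) }
    raise ArgumentError, 'NameID has non-text child nodes; rejecting assertion'
  end
  el.texts.map(&:value).join
end

if __FILE__ == $PROGRAM_NAME
  puts "naive:  #{naive_name_id(SAMPLE_ASSERTION)}"
  puts "signed: #{signed_view_name_id(SAMPLE_ASSERTION)}"
  begin
    strict_name_id(SAMPLE_ASSERTION)
  rescue ArgumentError => e
    puts "strict: #{e.message}"
  end
end
```

The mismatch between `naive_name_id` and `signed_view_name_id` on the same document is the condition to check for in a service provider: whatever value is used for the login decision must be the same value the signature verification covered. Rejecting mixed content outright, as `strict_name_id` does, is simpler and safer than trying to reconcile the two views.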
