History: Nov 30, 2023 - 6:15 a.m.

CVE-2023-49087

2023-11-30 06:15:47
CWE-345
GitHub_M
web.nvd.nist.gov
cve-2023-49087
xml-security
library
vulnerability
patch
hash value
verification
signature
encryption

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS: 0.001
Percentile: 17.8%

xml-security is a library that implements XML signatures and encryption. Validating an XML signature requires verifying that the hash value of the related XML document matches a specific DigestValue, and also that the cryptographic signature on the SignedInfo tree (the one that contains the DigestValue) verifies and matches a trusted public key. If an attacker somehow (i.e. by exploiting a bug in PHP's canonicalization function) manages to manipulate the canonicalized version's DigestValue, it would be possible to forge the signature. This issue has been patched in versions 1.6.12 and 5.0.0-alpha.13.

Affected configurations

Node
simplesamlphp  saml2         Match  5.0.0 alpha12
OR
simplesamlphp  xml-security  Match  1.6.11

Vendor         Product       Version  CPE
simplesamlphp  saml2         5.0.0    cpe:2.3:a:simplesamlphp:saml2:5.0.0:alpha12:*:*:*:*:*:*
simplesamlphp  xml-security  1.6.11   cpe:2.3:a:simplesamlphp:xml-security:1.6.11:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "simplesamlphp",
    "product": "xml-security",
    "versions": [
      {
        "version": "= 1.6.11",
        "status": "affected"
      },
      {
        "version": "= 5.0.0-alpha.12",
        "status": "affected"
      }
    ]
  }
]
