SAML authentication vulnerability due to stdlib XML parsing

Impact

Due to issues in Go’s standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document. This can result in allowing unverified logins from a SAML IdP.

Users that configure Fleet with SSO login may be vulnerable to this issue.

Patches

This issue is patched in 3.5.1 using https://github.com/mattermost/xml-roundtrip-validator.

Workarounds

If upgrade to 3.5.1 is not possible, users should disable SSO authentication in Fleet.

References

See https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ for more information about the underlying vulnerabilities.

For more information

If you have any questions or comments about this advisory:

• Email us at [email protected]
• Join #fleet in osquery Slack