5.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.6%
Given a valid SAML Response, it may be possible for an attacker to mutate the XML document in such a way that gosaml2 will trust a different portion of the document than was signed.
Depending on the implementation of the Service Provider this enables a variety of attacks, including users accessing accounts other than the one to which they authenticated in the Identity Provider, or full authentication bypass.
Service Providers utilizing gosaml2 should upgrade to v0.6.0 or greater.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/russellhaering/gosaml2 | lt | 0.6.0 |
github.com/advisories/GHSA-xhqq-x44f-9fgg
github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md
github.com/russellhaering/gosaml2/commit/42606dafba60c58c458f14f75c4c230459672ab9
github.com/russellhaering/gosaml2/security/advisories/GHSA-xhqq-x44f-9fgg
nvd.nist.gov/vuln/detail/CVE-2020-29509
pkg.go.dev/vuln/GO-2021-0060
security.netapp.com/advisory/ntap-20210129-0006/
5.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.6%