CVE-2017-18122

🗓️ 02 Feb 2018 15:00:29Reported by [email protected]Type

A signature-validation bypass issue in SimpleSAMLphp allows impersonation of any use

Reporter	Title	Published	Views	Family All 19
OSV	SimpleSAMLphp Signature validation bypass	14 May 202201:04	–	osv
OSV	CVE-2017-18122	2 Feb 201815:29	–	osv
OSV	simplesamlphp - security update	9 Feb 201800:00	–	osv
OSV	simplesamlphp - security update	2 Mar 201800:00	–	osv
Veracode	Authentication Bypass	18 Jul 201806:12	–	veracode
Github Security Blog	SimpleSAMLphp Signature validation bypass	14 May 202201:04	–	github
Prion	Input validation	2 Feb 201815:29	–	prion
CVE	CVE-2017-18122	2 Feb 201815:29	–	cve
Cvelist	CVE-2017-18122	2 Feb 201815:00	–	cvelist
Friends Of PHP	Signature validation bypass (SAML 1.1)	25 Oct 201710:54	–	friendsofphp

Nvd

Node

simplesamlphp simplesamlphpRange≤1.14.16

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Source	Link
debian	www.debian.org/security/2018/dsa-4127
simplesamlphp	www.simplesamlphp.org/security/201710-01
lists	www.lists.debian.org/debian-lts-announce/2018/02/msg00008.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Feb 2018 15:29Current

8High risk

Vulners AI Score8

CVSS26.8

CVSS38.1

EPSS0.00242

CWE-347