Lucene search
K

369 matches found

CVE
CVE
added 2025/04/11 10:46 a.m.77 views

CVE-2025-23389

CVE-2025-23389 is an improper access control flaw in Rancher where a local user can impersonate other identities during first login via SAML. Affected Rancher releases: 2.8.0–2.8.13, 2.9.0–2.9.7, and 2.10.0–2.10.3. Impact per sources: high, with potential confidentiality and integrity impacts and...

8.4CVSS8.2AI score0.00444EPSS
Exploits0References2
OSV
OSV
added 2025/04/11 10:46 a.m.13 views

CVE-2025-23389 Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login

A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3...

8.4CVSS6AI score0.00444EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2025/03/13 12:26 p.m.33 views

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language SAML authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and...

8.8CVSS9.7AI score0.63792EPSS
Exploits6
CVE
CVE
added 2025/03/12 8:53 p.m.2057 views

CVE-2025-25292

Ruby-saml contains an authentication bypass vulnerability caused by a parser differential between ReXML and Nokogiri. The issue affects versions older than 1.12.4 and 1.18.0, enabling a Signature Wrapping attack that can lead to bypassing SAML authentication. A patch exists in versions 1.12.4 and...

9.8CVSS7AI score0.63792EPSS
Exploits1References13Affected Software2
Github Security Blog
Github Security Blog
added 2025/03/12 8:20 p.m.42 views

Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)

Summary An authentication bypass vulnerability was found in ruby-saml due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely different document structures from the same XML input. That allows an attacker to be able to execute a Signature Wrapping...

9.8CVSS6.8AI score0.19506EPSS
Exploits1References16Affected Software1
Cvelist
Cvelist
added 2025/03/12 8:16 p.m.38 views

CVE-2025-25291 ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely...

9.3CVSS0.19506EPSS
Exploits1References10
CVE
CVE
added 2025/03/12 8:16 p.m.2016 views

CVE-2025-25291

ruby-saml vulnerabilities CVE-2025-25291/25292/25293 relate to a parser differential between ReXML and Nokogiri that enables a Signature Wrapping authentication bypass and related DoS when handling SAML inputs. Affected versions prior to 1.12.4 and 1.18.0 are vulnerable; fixes are shipped in 1.12...

9.8CVSS7AI score0.19506EPSS
Exploits1References13Affected Software2
Circl
Circl
added 2025/03/12 8:7 p.m.6 views

GHSA-4VC4-M8QH-G8JM

creationtimestamp| type| source ---|---|--- 2025-03-12 20:07:18+00:00| seen| https://github.blog/security/sign-in-as-anyone-bypassing-saml-sso-authentication-with-parser-differentials/ 2025-03-12 20:42:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7376 2025-03-13...

4.8AI score
Exploits0References3
OSV
OSV
added 2025/03/10 7:1 p.m.53 views

GO-2025-3505 Fleet has SAML authentication vulnerability due to improper SAML response validation in github.com/fleetdm/fleet

Fleet has SAML authentication vulnerability due to improper SAML response validation in github.com/fleetdm/fleet. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

9.3CVSS6.5AI score0.00623EPSS
Exploits0References4
OSV
OSV
added 2025/03/06 7:12 p.m.6 views

GHSA-52JX-G6M5-H735 Fleet has SAML authentication vulnerability due to improper SAML response validation

Summary A vulnerability in Fleet’s SAML authentication handling could allow an attacker to forge authentication assertions and gain unauthorized access to Fleet. In certain configurations, this could result in the creation of new user accounts, including administrative accounts. This issue affect...

9.3CVSS8.4AI score0.00623EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/03/06 7:12 p.m.14 views

Fleet has SAML authentication vulnerability due to improper SAML response validation

Summary A vulnerability in Fleet’s SAML authentication handling could allow an attacker to forge authentication assertions and gain unauthorized access to Fleet. In certain configurations, this could result in the creation of new user accounts, including administrative accounts. This issue affect...

9.3CVSS8.4AI score0.00623EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/06 7:0 p.m.7 views

CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation

fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...

9.3CVSS7.1AI score0.00623EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/06 7:0 p.m.51 views

CVE-2025-27509 SAML authentication vulnerability due to improper SAML response validation

fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time JIT provisioning is enabled, or create new...

9.3CVSS0.00623EPSS
Exploits0References2
Veracode
Veracode
added 2025/03/05 7:55 a.m.8 views

Improper Access Control

Rancher is vulnerable to Improper Access Control. The vulnerability is due to improper access due to unauthenticated users being able to list and delete CLI authentication tokens before they can be retrieved, preventing CLI-based login for SAML-authenticated users...

5.3CVSS7.4AI score0.00508EPSS
Exploits0
OSV
OSV
added 2025/03/03 7:22 p.m.9 views

GO-2025-3490 Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login in github.com/rancher/rancher

Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this...

8.4CVSS6.4AI score0.00444EPSS
Exploits0References1
OSV
OSV
added 2025/02/27 6:27 p.m.11 views

GHSA-MQ23-VVG7-XFM4 Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login

Impact A vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login. The issue occurs when a SAML authentication provider AP is configured e.g. Keycloak. A newly created AP user can impersonate any user on Rancher by manipulating...

8.4CVSS6.3AI score0.00444EPSS
Exploits0References14
Github Security Blog
Github Security Blog
added 2025/02/27 6:27 p.m.19 views

Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login

Impact A vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login. The issue occurs when a SAML authentication provider AP is configured e.g. Keycloak. A newly created AP user can impersonate any user on Rancher by manipulating...

8.4CVSS6.3AI score0.00444EPSS
Exploits0References14Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.4 views

PT-2025-9096 · Rancher · Rancher

Name of the Vulnerable Software and Affected Versions: Rancher versions 2.8.0 through 2.8.12 Rancher versions 2.9.0 through 2.9.6 Rancher versions 2.10.0 through 2.10.2 Description: A local user can impersonate other identities through SAML Authentication on first login due to an improper access...

9.9CVSS7.3AI score0.93027EPSS
Exploits19References61
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.4 views

PT-2025-9094 · Rancher · Rancher

Name of the Vulnerable Software and Affected Versions: Rancher versions prior to v2.8.13 Rancher versions prior to v2.9.7 Rancher versions prior to v2.10.3 Description: A vulnerability has been identified in Rancher where an unauthenticated user can list and delete CLI authentication tokens,...

9.9CVSS7.5AI score0.93027EPSS
Exploits19References54
Github Security Blog
Github Security Blog
added 2025/02/18 7:25 p.m.27 views

AspNetCore Remote Authenticator for CIE3.0 Allows SAML Response Signature Verification Bypass

Description Authentication using Spid and CIE is based on the SAML2 standard which provides for two entities: Identity Provider IdP: the system that authenticates users and provides identity information SAML assertions to the Service Provider, essentially, it is responsible for managing user...

9.1CVSS7.3AI score0.0056EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder