216 matches found
PT-2023-28147 · Sustainsys +1 · Sustainsys.Saml2 +1
Name of the Vulnerable Software and Affected Versions: Sustainsys.Saml2 versions prior to 1.0.3 Sustainsys.Saml2 versions prior to 2.9.2 Description: The Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. When a response is...
SAML Security Vulnerabilities
SAML is a library for Ross Kinder individual developers that contains a partial implementation of the saml standard in golang. That is, it allows third parties to authenticate your users, or allows third parties to rely on us to authenticate their users. A security vulnerability exists in...
Authentication Bypass
passport-wsfed-saml2 is vulnerable to Authentication Bypass. The vulnerability exists because the SAML signature validation in saml.js does not ensure that the Signature tag is in the proper location inside the Assertion tag, which allows an attacker to bypass permission checks and gain access to...
passport-wsfed-saml2 vulnerable to Signature Bypass in SAML2 token
Information Please note that this is not a new disclosure, and is previously reported in our SECURITY-NOTICE.md which we removed in favor of github advisory. Overview This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity...
GHSA-77FW-RF4V-VFP9 passport-wsfed-saml2 vulnerable to Signature Bypass in SAML2 token
Information Please note that this is not a new disclosure, and is previously reported in our SECURITY-NOTICE.md which we removed in favor of github advisory. Overview This vulnerability allows an attacker to impersonate another user and potentially elevate their privileges if the SAML identity...
PT-2023-32981 · Unknown · Passport-Wsfed-Saml2
Name of the Vulnerable Software and Affected Versions: passport-wsfed-saml2 versions prior to 3.0.10 Description: A vulnerability was found in the validation of a SAML signature, where the validation doesn't ensure that the Signature tag is at the proper location inside an Assertion tag. This lea...
Improper Certificate Validation
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to missing SSL Certificate Validation. Note: The vendor does not consider this a vulnerability because the report is only about use of certificates at th...
CVE-2022-45597
ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. NOTE: the vendor does not consider this a vulnerability because the report is only about use of certificates at the application layer not the transport layer and "Certificates are exchanged in a controlled fashion between entities...
Authentication Bypass
passport-wsfed-saml2 is vulnerable to authentication bypass. The vulnerability exists in the retrieveToken function of wsfederation.js due to a lack of proper validation when more than one assertion is inside a token response for WS-Fed, which allows an attacker to bypass WSFed authentication...
GHSA-PPJQ-QXHX-M25F Authentication Bypass for passport-wsfed-saml2
Overview A remote attacker can bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed WSFed assertion. Depending on the IDP used, fully unauthenticated attacks e.g without access to a valid us...
CVE-2022-23505
Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession...
Authentication flaw
Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession...
CVE-2022-23505 Passport-wsfed-saml2 vulnerable to Authentication Bypass for WSFed authentication
Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession...
CVE-2022-23505
Passport-wsfed-saml2 (Node.js Passport strategy) prior to 4.6.3 is vulnerable to authentication bypass: an attacker who possesses an arbitrary IDP-signed WSFed assertion may bypass WSFed authentication on websites using the library. Depending on the IDP, fully unauthenticated (no valid user) atta...
PT-2022-16038 · Unknown · Passport-Wsfed-Saml2
Name of the Vulnerable Software and Affected Versions: Passport-wsfed-saml2 versions prior to 4.6.3 Description: A remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary ID...
CVE-2018-7711
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP...
GHSA-6875-FF47-R6P6 Ipsilon denial of service via a duplicate SP name
providers/saml2/admin.py in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider SP owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name...
Ipsilon denial of service via a duplicate SP name
providers/saml2/admin.py in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider SP owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name...
GHSA-9QP4-79Q8-58PR Ipsilon denial of service by deleting a SAML2 Service Provider (SP)
providers/saml2/admin.py in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider SP...
Ipsilon denial of service by deleting a SAML2 Service Provider (SP)
providers/saml2/admin.py in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider SP...