
17 matches found

RedhatCVE
added 2025/05/23 5:29 a.m. · 5 views

CVE-2023-41890

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

CVSS 7.5 · AI score 6.3 · EPSS 0.00135
Exploits: 0 · References: 1
Veracode
added 2023/09/21 11:34 a.m. · 24 views

Authentication Bypass

Sustainsys.Saml2 is vulnerable to Authentication Bypass. The vulnerability is caused by a missing validation check that the issuer of the Saml2 assertion in a Saml2 response matches the issuer identified in the stored request state. This can allow a malicious identity provider to craft a Saml2 response...

CVSS 7.5 · AI score 6.6 · EPSS 0.00135
Exploits: 0 · References: 5 · Affected Software: 1
OSV
added 2023/09/20 11:01 p.m. · 14 views

GHSA-FV2H-753J-9G39 Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation

Impact When a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause store...

CVSS 7.5 · AI score 7.4 · EPSS 0.00135
Exploits: 0 · References: 5
Snyk
added 2023/09/19 3:50 p.m. · 1 view

Authentication Bypass by Alternate Name

Overview: Sustainsys.Saml2 provides SAML2 protocol support. Affected versions of this package are vulnerable to Authentication Bypass by Alternate Name due to improper validation in the AcsCommandResultCreated function. An attacker can craft a SAML2 response that is processed as if issued by another...

CVSS 7.5 · AI score 6.9 · EPSS 0.00135
Exploits: 0 · References: 2
NVD
added 2023/09/19 3:15 p.m. · 11 views

CVE-2023-41890

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

CVSS 7.5 · AI score 7.3 · EPSS 0.00135
Exploits: 0 · References: 3
Cvelist
added 2023/09/19 2:38 p.m. · 19 views

CVE-2023-41890 Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

CVSS 7.5 · AI score 7.5 · EPSS 0.00135
Exploits: 0 · References: 3
Vulnrichment
added 2023/09/19 2:38 p.m. · 15 views

CVE-2023-41890 Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

CVSS 7.5 · AI score 6.3 · EPSS 0.00135
Exploits: 0 · References: 3
CVE
added 2023/09/19 2:38 p.m. · 57 views

CVE-2023-41890

Sustainsys.Saml2 (used to add SAML2P to ASP.NET sites) contains CVE-2023-41890 due to insufficient validation of the IdP issuer when processing a response. This can let a malicious IdP craft a SAML2 response that appears to come from another IdP, and an end user could cause stored AuthenticationP...

CVSS 7.5 · AI score 7.3 · EPSS 0.00135
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/09/19 2:38 p.m. · 26 views

CVE-2023-41890 Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

CVSS 7.5 · AI score 5.9 · EPSS 0.00135
Exploits: 0 · References: 5
Github Security Blog
added 2020/04/22 8:59 p.m. · 49 views

Subject Confirmation Method not validated in Saml2 Authentication Services for ASP.NET

Impact: Saml2 tokens are usually used as bearer tokens, meaning a caller that presents a token is assumed to be the subject of the token. The Saml2 protocol also supports issuing tokens that are tied to a subject through other means, e.g. holder-of-key, where possession of a private key must...

CVSS 7.3 · AI score 1.8 · EPSS 0.00295
Exploits: 0 · References: 6 · Affected Software: 1
Veracode
added 2020/04/22 5:43 a.m. · 21 views

Authorization Bypass

sustainsys.saml2 is vulnerable to authorization bypass. The vulnerability exists because the library recognizes all incoming tokens as bearer tokens, so a user would not require a valid Saml2 bearer token to create a log-in session...

CVSS 7.3 · AI score 2.7 · EPSS 0.00295
Exploits: 0 · References: 7 · Affected Software: 1
Prion
added 2020/04/21 5:15 p.m. · 15 views

Session fixation

In Saml2 Authentication Services for ASP.NET versions before 1.0.2, and between 2.0.0 and 2.6.0, there is a vulnerability in how tokens are validated in some cases. Saml2 tokens are usually used as bearer tokens, meaning a caller that presents a token is assumed to be the subject of the token. There is...

CVSS 4.9 · AI score 7 · EPSS 0.00295
Exploits: 0 · References: 4 · Affected Software: 1
CVE
added 2020/04/21 3:30 p.m. · 87 views

CVE-2020-5268

Saml2 Authentication Services for ASP.NET versions before 1.0.2 and between 2.0.0 and 2.6.0 contain a vulnerability in token validation. Sustainsys.Saml2 incorrectly treats all incoming tokens as bearer tokens, even when the token is subject-confirmed by other means (e.g., holder-of-key). An at...

CVSS 7.3 · AI score 6.6 · EPSS 0.00295
Exploits: 0 · References: 4 · Affected Software: 1
Veracode
added 2020/03/26 5:34 a.m. · 13 views

Replay Attack

sustainsys.saml2 is vulnerable to replay attack. An inadequate and insecure implementation of token replay detection allows an attacker to replay authentication tokens in Single Sign On solutions...

CVSS 8.2 · AI score 3.2 · EPSS 0.00285
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2020/03/25 2:15 a.m. · 9 views

CVE-2020-5261

Saml2 Authentication services for ASP.NET NuGet package Sustainsys.Saml2 greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patche...

CVSS 6.8 · AI score 6.7
Exploits: 0 · References: 3
Cvelist
added 2020/03/25 1:15 a.m. · 10 views

CVE-2020-5261 Missing Token Replay Detection

Saml2 Authentication services for ASP.NET NuGet package Sustainsys.Saml2 greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patche...

CVSS 8.2 · AI score 8.2 · EPSS 0.00285
Exploits: 0 · References: 3
ATTACKERKB
added 2020/03/25 12:00 a.m. · 18 views

CVE-2020-5261

Saml2 Authentication services for ASP.NET NuGet package Sustainsys.Saml2 greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patche...

CVSS 8.2 · AI score 1.4 · EPSS 0.00285
Exploits: 0 · References: 4