CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
31.3%
Sustainsys.Saml2 is vulnerable to Authentication Bypass. The vulnerability is caused by a missing validation check for the issuer of the Saml2 assertion in a Saml2 response and issuer identified in the stored request state. This can lead to a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider and it can also lead to a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted only if they rely on these two features - issuer of the generated identity and claims or items in the stored request state (AuthenticationProperties
).