Upstream information
Description
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any SAML document signed by the IdP can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as an arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3.
SUSE information
Overall state of this security issue: Does not affect SUSE products
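Because the page ties the issue to specific ruby-saml version ranges and fixed releases, the most immediate defender task is finding out whether a deployed application pins an affected version. The script below is an added example, not code from the SUSE page or from the ruby-saml project: it scans a Gemfile.lock for the resolved `ruby-saml` version and flags it against the fixed versions the page names (1.17.0 and 1.12.3). It assumes a version is patched when it is at least 1.17.0, or when it is on the 1.12.x line and at least 1.12.3; everything else is reported as affected. The lockfile text is a constructed sample.

```ruby
# Added example (not from the SUSE page or the ruby-saml project): triage a
# Gemfile.lock for ruby-saml versions this advisory describes as affected.
require "rubygems" # provides Gem::Version for correct semantic comparison

FIX_MAINLINE = Gem::Version.new("1.17.0") # fixed release named on the page
FIX_BACKPORT = Gem::Version.new("1.12.3") # backport fix named on the page
NEXT_SERIES  = Gem::Version.new("1.13.0") # first version after the 1.12.x line

# Assumption: a version is patched if it is >= 1.17.0, or if it is on the
# 1.12.x line and >= 1.12.3. Anything below those fixes is treated as affected.
def ruby_saml_affected?(version_string)
  v = Gem::Version.new(version_string)
  return false if v >= FIX_MAINLINE
  return false if v >= FIX_BACKPORT && v < NEXT_SERIES
  true
end

# Gemfile.lock lists each resolved gem under "specs:" as "    name (version)"
# (four leading spaces); transitive dependencies are indented further and
# carry requirement ranges rather than a single resolved version.
LOCK_SPEC = /\A {4}ruby-saml \(([^)\s]+)\)\z/

def ruby_saml_versions_in_lock(lock_text)
  lock_text.each_line.filter_map { |line| line.chomp[LOCK_SPEC, 1] }
end

# Returns one hash per resolved ruby-saml entry: { version:, affected: }
def triage_lock(lock_text)
  ruby_saml_versions_in_lock(lock_text).map do |ver|
    { version: ver, affected: ruby_saml_affected?(ver) }
  end
end

# Constructed sample lockfile, not taken from any real project.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.16.0)
      ruby-saml (1.15.0)
        nokogiri (>= 1.13.10)
        rexml
      rexml (3.3.8)
LOCK

if __FILE__ == $PROGRAM_NAME
  # Usage: ruby triage.rb [path/to/Gemfile.lock]; defaults to the sample above.
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCK
  results = triage_lock(text)
  puts "no ruby-saml entry found" if results.empty?
  results.each do |r|
    status = r[:affected] ? "AFFECTED (upgrade to 1.17.0 or 1.12.3)" : "patched"
    puts "ruby-saml #{r[:version]}: #{status}"
  end
end
```

Gem::Version is used rather than string comparison so that "1.16.0" sorts below "1.17.0" and prerelease suffixes compare the way RubyGems itself orders them; the regex only matches the four-space resolved entry, so a dependency line such as `ruby-saml (~> 1.14)` in another gem's requirements is not mistaken for the installed version.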
This issue is currently rated as having critical severity.
Metric | CNA (GitHub) | National Vulnerability Database
---|---|---
Base Score | 10 | 9.8 |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Attack Vector | Network | Network |
Attack Complexity | Low | Low |
Privileges Required | None | None |
User Interaction | None | None |
Scope | Changed | Unchanged |
Confidentiality Impact | High | High |
Integrity Impact | High | High |
Availability Impact | None | High |
CVSSv3 Version | 3.1 | 3.1 |
SUSE Timeline for this CVE
CVE page created: Thu Sep 19 12:30:08 2024
CVE page last modified: Wed Oct 30 17:42:45 2024