Multiple SAML Libraries Multiple Authentication Bypass Vulnerabilities

Bugtraq ID: 103172
Class: Access Validation Error
CVE: CVE-2017-11427
CVE-2017-11428
CVE-2017-11429
CVE-2017-11430
CVE-2018-0489
Remote: Yes
Local: No
Published: Feb 27 2018 12:00AM
Updated: Feb 27 2018 12:00AM
Credit: Kelby Ludwig of Duo Security
Vulnerable: Shibboleth OpenSAML-C++ 0
OneLogin ruby-saml 1.2
OneLogin ruby-saml 1.1
OneLogin ruby-saml 1.0
OneLogin ruby-saml 0.7.3
OneLogin ruby-saml 0.5
OneLogin ruby-saml 0.4
OneLogin ruby-saml 0.3
OneLogin ruby-saml 0.2
OneLogin ruby-saml 0.9
OneLogin ruby-saml 0.8
OneLogin python3-saml 1.3
OneLogin python3-saml 1.2
OneLogin python3-saml 1.1.1
OneLogin python-saml 2.3
OneLogin python-saml 2.2
OneLogin python-saml 2.1
OneLogin python-saml 1.1
OneLogin python-saml 1.0
OmniAuth OmniAuth-SAML 1.7
OmniAuth OmniAuth-SAML 1.6
OmniAuth OmniAuth-SAML 1.5
OmniAuth OmniAuth-SAML 1.4
OmniAuth OmniAuth-SAML 1.3
OmniAuth OmniAuth-SAML 1.2
OmniAuth OmniAuth-SAML 1.1
OmniAuth OmniAuth-SAML 1.0
OmniAuth OmniAuth-SAML 0.90
Clever saml2-js 2.0
Clever saml2-js 1.0
Not Vulnerable: OneLogin ruby-saml 1.7
OneLogin ruby-saml 0.9.3
OneLogin ruby-saml 0.8.3
OneLogin python3-saml 1.4
OneLogin python-saml 2.4


 

Privacy Statement
Copyright 2010, SecurityFocus