Signature Validation Bypass
Critical severity
GitHub Reviewed
Published
Sep 29, 2020
in
russellhaering/gosaml2
•
Updated Jan 9, 2023
Package
Affected versions
< 0.5.0
Patched versions
0.5.0
Description
Reviewed
May 21, 2021
Published to the GitHub Advisory Database
May 24, 2021
Last updated
Jan 9, 2023
Impact
Given a valid SAML Response, an attacker can potentially modify the document, bypassing signature validation in order to pass off the altered document as a signed one.
This enables a variety of attacks, including users accessing accounts other than the one to which they authenticated in the identity provider, or full authentication bypass if an external attacker can obtain an expired, signed SAML Response.
Patches
A patch is available, users of gosaml2 should upgrade to v0.5.0 or higher.
References
See the underlying advisory on goxmldsig for more details.
References