EIQ-2018-0004



ID

EIQ-2018-0004

(Former ref.: 1801-04)

CVE

-

Description

Alternative login is vulnerable to XML external entity (XXE) attacks

Date

-

Severity

1 - LOW

CVSSv3 score

CVSSv3 score not available on NIST NVD.

Status

✓ 2.3.4

Assessment

A vulnerability in the SAML authentication module was identified that may allow an attacker to manipulate XML messages as part of SAML authentication.
A compromised SAML server may force the platform to read arbitrary files, execute remote code, establish arbitrary network communication, and create denial-of-service conditions.

Mitigation

The SAML configuration module explicitly enforces safe XML parsing when generating metadata strings.
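As an added illustration of what enforcing safe XML parsing can look like (this is not the platform's or pysaml2's code), the sketch below pre-scans SAML metadata with the Python standard library's expat parser and rejects any document that carries a DOCTYPE or entity declaration, which SAML metadata has no legitimate need for. The function names, the exception class and both sample documents are hypothetical and constructed for the example.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"


class UnsafeXMLError(ValueError):
    """Raised when a document carries a DTD or an entity declaration."""


def _reject_doctype(name, system_id, public_id, has_internal_subset):
    # Fires as soon as expat sees <!DOCTYPE ...>, before any entity is defined.
    raise UnsafeXMLError(f"DOCTYPE declaration not allowed: {name!r}")


def _reject_entity(name, is_parameter, value, base, system_id, public_id, notation):
    # Second line of defence should a declaration ever get past the DOCTYPE check.
    raise UnsafeXMLError(f"entity declaration not allowed: {name!r}")


def parse_saml_metadata(data: bytes) -> ET.Element:
    """Return the parsed root element, or raise UnsafeXMLError (hypothetical helper)."""
    scanner = expat.ParserCreate()
    scanner.StartDoctypeDeclHandler = _reject_doctype
    scanner.EntityDeclHandler = _reject_entity
    scanner.Parse(data, True)   # exceptions raised in handlers propagate from here
    return ET.fromstring(data)  # only reached for DTD-free input


def is_safe_metadata(data: bytes) -> bool:
    """True when the document parses without tripping the DTD/entity guards."""
    try:
        parse_saml_metadata(data)
    except UnsafeXMLError:
        return False
    return True


# Constructed sample inputs (not taken from any real identity provider).
CLEAN = (b'<EntityDescriptor xmlns="' + MD_NS.encode() +
         b'" entityID="https://idp.example.test/metadata"/>')
WITH_DTD = (b'<?xml version="1.0"?>\n'
            b'<!DOCTYPE EntityDescriptor ['
            b'<!ENTITY x SYSTEM "file:///constructed/placeholder">]>\n'
            b'<EntityDescriptor xmlns="' + MD_NS.encode() +
            b'" entityID="https://idp.example.test/metadata">'
            b'<Extensions>&x;</Extensions></EntityDescriptor>')

if __name__ == "__main__":
    for label, doc in (("clean", CLEAN), ("with DTD", WITH_DTD)):
        print(label, "->", "accepted" if is_safe_metadata(doc) else "rejected")
```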

Affected versions

It affects only platform instances where SAML is the active authentication mechanism.

Notes

This vulnerability has a low probability of occurring:

  • SAML is disabled by default.

  • The platform uses the pysaml2 library to correctly clean and sanitize data.

  • It is possible to exploit the vulnerability only if SAML configuration is enabled; that is, only if the following field is set to True in /etc/eclecticiq/platform_settings.py:
    SAML_CONFIGURE_MODE = True


In release notes 2.3.4