EIQ-2018-0004#

ID	EIQ-2018-0004 (Former ref.: 1801-04)
CVE	-
Description	Alternative login is vulnerable to XML external entity (XXE) attacks
Date	-
Severity	1 - LOW
CVSSv3 score	CVSSv3 score not available on NIST NVD.
Status	✅ 2.3.4
Assessment	A vulnerability in the SAML authentication module was identified that may allow an attacker to manipulate XML messages as part of SAML authentication. A compromised SAML server may force the platform to read arbitrary files, execute remote code, establish arbitrary network communication, and create denial-of-service conditions.
Mitigation	The SAML configuration module explicitly enforces safe XML parsing when generating metadata strings.
Affected versions	It affects only platform instances where SAML is the active authentication mechanism.
Notes	This vulnerability has a low probability to occur: SAML is disabled by default. The platform uses the pysaml2 library to correctly clean and sanitize data. It is possible to exploit the vulnerability only if SAML configuration is enabled; that is, only if the following field is set to `True` in `/etc/eclecticiq/platform_settings.py`: SAML_CONFIGURE_MODE = True