Unauthenticated Signature Verification Vulnerability Affects Ruby-SAML
CVE-2024-45409
Key Information:
- Vendor
- Saml-toolkits
- Status
- Ruby-saml
- Vendor
- CVE Published:
- 10 September 2024
Badges
Summary
A vulnerability exists in the Ruby SAML library related to improper verification of the signature of SAML Responses. This flaw, present in versions of Ruby-SAML up to 12.2 and between 1.13.0 and 1.16.0, allows an unauthenticated attacker with access to any signed SAML document from the Identity Provider (IdP) to forge a SAML Response or Assertion. Consequently, the attacker can gain unauthorized access as any arbitrary user within the vulnerable system. The issue has been addressed in later versions 1.17.0 and 1.12.3.
Affected Version(s)
ruby-saml < 1.12.3 < 1.12.3
ruby-saml >= 1.13.0, < 1.17.0 < 1.13.0, 1.17.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Get notified when SecurityVulnerability.io launches alerting π
Well keep you posted π§
News Articles
Help Net SecurityCVE-2024-45409Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) - Help Net Security
Researchers have published an analysis of CVE-2024-45409 and an exploit script that may help attackers gain access as any user on GitLab.
GitLab Warns of Max Severity Authentication Bypass Bug
Company wants organizations that are self-hosting GitLab instances to apply its updates for CVE-2024-45409 as soon as possible.
References
EPSS Score
14% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π‘
Public PoC available
- πΎ
Exploit known to exist
- π°
First article discovered
Vulnerability published
Vulnerability Reserved