Signature Confusion Vulnerability in SimpleSAMLphp SAML2 Library
CVE-2025-27773
CVSS 8.6 HIGH
What is CVE-2025-27773?
The SimpleSAMLphp SAML2 library, which provides SAML2 functionality, is affected by a signature confusion vulnerability in its HTTP-Redirect binding. An attacker who can send a signed SAMLResponse through this binding can trick the application into accepting an unsigned message. All versions before 4.17.0 and all 5.0.0 alpha releases before 5.0.0-alpha.20 are affected; 4.17.0 and 5.0.0-alpha.20 contain the fix.
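The defect described above belongs to a well-known class: a receiver of the HTTP-Redirect binding that treats the presence of a valid signature as proof that the message it goes on to process was signed. The following verifier is an added illustration of the checks a receiver needs, and is not code from the SimpleSAMLphp SAML2 library or its fix. It assumes an HMAC stand-in for the IdP's real RSA/ECDSA signature (so it runs offline), a constructed key, a constructed service provider URL (sp.example) and constructed sample messages. It enforces three things: an unsigned message is rejected outright when policy requires a signature, the signature is verified over the URL-encoded parameters exactly as received (message, then RelayState, then SigAlg), and a signature copied from a different message does not validate.

```python
import base64
import hashlib
import hmac
import zlib
from urllib.parse import quote, unquote, urlsplit

# Constructed stand-in for the IdP signing key (assumption). A real verifier
# checks an RSA/ECDSA signature with the certificate from IdP metadata; HMAC is
# used here only so the example runs offline without a crypto library.
IDP_KEY = b"constructed-idp-signing-key"
SIGALG_RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
ALLOWED_SIGALGS = {SIGALG_RSA_SHA256}


def raw_query_params(url):
    """Split the query string WITHOUT decoding values.
    The binding signs the URL-encoded parameters, so verification must use the
    bytes as received rather than values re-encoded by a request parser."""
    params = {}
    for pair in urlsplit(url).query.split("&"):
        if not pair:
            continue
        key, _, value = pair.partition("=")
        if key in params:
            raise ValueError("duplicate query parameter: " + key)
        params[key] = value
    return params


def signed_data(params, message_key):
    """The exact string the sender signed: message, RelayState (if any), SigAlg."""
    parts = [message_key + "=" + params[message_key]]
    if "RelayState" in params:
        parts.append("RelayState=" + params["RelayState"])
    parts.append("SigAlg=" + params["SigAlg"])
    return "&".join(parts).encode()


def stand_in_sign(data):
    return base64.b64encode(hmac.new(IDP_KEY, data, hashlib.sha256).digest()).decode()


def inflate(encoded):
    # The binding carries the message as raw DEFLATE, then base64, then URL-encoded.
    return zlib.decompress(base64.b64decode(unquote(encoded)), -15).decode()


def verify_redirect_binding(url, require_signature=True):
    """Return the decoded SAML message if the binding is acceptable, else raise."""
    params = raw_query_params(url)
    present = [k for k in ("SAMLRequest", "SAMLResponse") if k in params]
    if len(present) != 1:
        raise ValueError("exactly one of SAMLRequest or SAMLResponse must be present")
    message_key = present[0]
    if "Signature" not in params:
        # Never fall through to "accepted, just unsigned" when policy demands a signature.
        if require_signature:
            raise ValueError("unsigned message rejected: signature required")
        return inflate(params[message_key])
    if "SigAlg" not in params:
        raise ValueError("Signature present without SigAlg")
    sigalg = unquote(params["SigAlg"])
    if sigalg not in ALLOWED_SIGALGS:
        raise ValueError("SigAlg not allowed: " + sigalg)
    expected = stand_in_sign(signed_data(params, message_key))
    if not hmac.compare_digest(expected, unquote(params["Signature"])):
        raise ValueError("signature does not cover the message actually received")
    return inflate(params[message_key])


def build_redirect_url(message_xml, relay_state=None, sign=True, message_key="SAMLResponse"):
    """Constructed sender side, used only to produce sample URLs for the checks."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # raw DEFLATE, as the binding requires
    deflated = comp.compress(message_xml.encode()) + comp.flush()
    params = {message_key: quote(base64.b64encode(deflated).decode(), safe="")}
    if relay_state is not None:
        params["RelayState"] = quote(relay_state, safe="")
    if sign:
        params["SigAlg"] = quote(SIGALG_RSA_SHA256, safe="")
        params["Signature"] = quote(stand_in_sign(signed_data(params, message_key)), safe="")
    return "https://sp.example/acs?" + "&".join(k + "=" + v for k, v in params.items())


def rejects(url):
    try:
        verify_redirect_binding(url)
    except ValueError:
        return True
    return False


def self_check():
    """Regression cases a verifier for this binding should pass."""
    good = build_redirect_url("<samlp:Response ID='a'/>", "state")
    unsigned = build_redirect_url("<samlp:Response ID='b'/>", "state", sign=False)
    # A genuine signature attached to a different message must not validate.
    sig = raw_query_params(good)
    transplanted = unsigned + "&SigAlg=" + sig["SigAlg"] + "&Signature=" + sig["Signature"]
    # Same signed message, RelayState altered after signing.
    tampered = good.replace("RelayState=state", "RelayState=other")
    return {
        "signed": verify_redirect_binding(good),
        "unsigned_rejected": rejects(unsigned),
        "transplanted_rejected": rejects(transplanted),
        "tampered_relaystate_rejected": rejects(tampered),
    }
```

The point of `raw_query_params` is that the signed string is the encoded form; verifying over values a web framework has already decoded and re-encoded is a common way such checks silently diverge from what the sender signed, and the duplicate-parameter rejection closes the gap where one copy of a parameter is verified and another is processed.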
Affected Version(s)
Package: saml2
  Affected: < 4.17.0                              Fixed in: 4.17.0
  Affected: >= 5.0.0-alpha.1, < 5.0.0-alpha.20    Fixed in: 5.0.0-alpha.20 (versions < 5.0.0-alpha.1 fall under the 4.x line above)
