Base Score

HIGH7.5

CVE-2018-7644

The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion on behalf of an Identity Provider that would pass as cryptographically valid, thereby allowing them to impersonate a user from that Identity Provider, aka a key confusion issue.

VectorNETWORK

Published Bycve@mitre.org

Published DateMar 05, 2018, 14:29

Affected Versions(3)

simplesamlphp/saml2(Packagist)

Introduced0

Fixed1.10.5

LimitN/A

simplesamlphp/saml2(Packagist)

Introduced2.0

Fixed2.3.7

LimitN/A

simplesamlphp/saml2(Packagist)

Introduced3.0

Fixed3.1.3

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
simplesamlphp/saml2(Packagist)	0	1.10.5	N/A
simplesamlphp/saml2(Packagist)	2.0	2.3.7	N/A
simplesamlphp/saml2(Packagist)	3.0	3.1.3	N/A

Weakness Type (CWE):CWE-347

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Base Severity

HIGH

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

HIGH

Availability (A)

NONE

References

https://simplesamlphp.org/security/201802-01

Base Score

HIGH7.5

Weakness Type (CWE):CWE-347

CVSS Metrics

Base Score

7.5

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Base Severity

HIGH

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

HIGH

Availability (A)

NONE