Search criteria
1 vulnerability by Duo Security
CVE-2018-7340 (GCVE-0-2018-7340)
Vulnerability from cvelistv5 – Published: 2019-04-17 14:01 – Updated: 2024-08-05 06:24
VLAI?
Title
Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
Summary
Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.
Severity ?
7.7 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Duo Security | Duo Network Gateway |
Affected:
unspecified , < 1.2.9
(custom)
|
Credits
Kelby Ludwig of Duo Security
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:11.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/475445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Duo Network Gateway",
"vendor": "Duo Security",
"versions": [
{
"lessThan": "1.2.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kelby Ludwig of Duo Security"
}
],
"descriptions": [
{
"lang": "en",
"value": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-17T14:01:03",
"orgId": "7cd4c57f-0a88-4dda-be53-70336b413766",
"shortName": "duo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/475445"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@duo.com",
"ID": "CVE-2018-7340",
"STATE": "PUBLIC",
"TITLE": " Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Duo Network Gateway",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.9"
}
]
}
}
]
},
"vendor_name": "Duo Security"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"name": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7cd4c57f-0a88-4dda-be53-70336b413766",
"assignerShortName": "duo",
"cveId": "CVE-2018-7340",
"datePublished": "2019-04-17T14:01:03",
"dateReserved": "2018-02-22T00:00:00",
"dateUpdated": "2024-08-05T06:24:11.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}