{"uuid": "5c3c91bc-839e-4e44-9509-264c881ee5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45409", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/225", "content": "Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409)\n\n\ud83d\udc64 by Harsh Jaiswal & Rahul Maini\n\nIn this blog post, authors will analyze CVE-2024-45409, a critical vulnerability impacting Ruby-SAML, OmniAuth-SAML libraries, which effectively affects GitLab.\n\nThis vulnerability allows an attacker to bypass SAML authentication mechanisms and gain unauthorized access by exploiting a flaw in how SAML responses are handled. The issue arises due to weaknesses in the verification of the digital signature used to protect SAML assertions, allowing attackers to manipulate the SAML response and bypass critical security checks.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n\u25cf SAML Message Verification\n    \u2022 How SAML Signatures Work?\n    \u2022 How digest and signature ensure integrity?\n\u25cf Ruby-SAML Bypass\n    \u2022 Bypassing Signature Validation\n\u25cf Conclusion\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass/", "creation_timestamp": "2024-10-07T08:32:31.000000Z"}