GHSA-5X9F-6VG5-QG4M
Vulnerability from github – Published: 2026-06-05 15:25 – Updated: 2026-06-05 15:25
Summary
Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token
Details
Summary
SAML.getSession (internal/pkg/auth/interceptor/saml.go) checks the Used flag on a SAMLAssertion resource and then marks it used in two separate state operations. Because the check and the update are not atomic, concurrent requests carrying the same saml-session token can both observe Used == false, both pass validation, and both return a successful authentication context. An attacker who obtains a valid saml-session token can exploit this window to authenticate as the token's owner multiple times, defeating the one-time-use guarantee.
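The check-then-update sequence the advisory describes, beside a form that performs both steps under one lock, as an added Go example that is not Omni's code and not the project's actual fix: the store, the token value and the barrier harness are constructed stand-ins for the real SAMLAssertion state, and Replay shows that eight concurrent requests carrying one stolen token are all granted by the racy form but only one by the hardened form.

```go
package main
import (
	"fmt"
	"sync"
)
const tok = "stolen-token" // constructed saml-session token the attacker is assumed to hold
// store stands in for the Omni state backend (constructed for this example).
type store struct{ mu sync.Mutex; used map[string]bool }
// Each state operation is safe on its own, like a backend Get followed by a separate Update.
func (s *store) isUsed() bool { s.mu.Lock(); defer s.mu.Unlock(); return s.used[tok] }
func (s *store) markUsed()    { s.mu.Lock(); defer s.mu.Unlock(); s.used[tok] = true }
// GetSessionRacy mirrors the advisory: nothing stops another request from running between the
// check and the update. afterCheck is invoked in that window so it can be widened on purpose.
func (s *store) GetSessionRacy(afterCheck func()) bool {
	if s.isUsed() {
		return false // token already consumed: no authentication context
	}
	afterCheck()
	s.markUsed()
	return true // authentication context granted
}
// GetSessionAtomic is the hardened form: check and update share one critical section, so exactly
// one caller can ever observe Used == false for the token.
func (s *store) GetSessionAtomic() bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.used[tok] {
		return false
	}
	s.used[tok] = true
	return true
}
// Hardened adapts GetSessionAtomic to Replay's signature; the barrier is reached only after the lock.
func Hardened(s *store, afterCheck func()) bool { ok := s.GetSessionAtomic(); afterCheck(); return ok }
// Replay fires n concurrent requests carrying the same token at a fresh store and counts how many
// are granted; the barrier passed as afterCheck makes every request finish its check before any
// of them writes, so the outcome is deterministic rather than timing-dependent.
func Replay(n int, getSession func(s *store, afterCheck func()) bool) int {
	s := &store{used: map[string]bool{tok: false}}
	var checked sync.WaitGroup
	checked.Add(n)
	results := make(chan bool, n)
	for i := 0; i < n; i++ {
		go func() { results <- getSession(s, func() { checked.Done(); checked.Wait() }) }()
	}
	granted := 0
	for i := 0; i < n; i++ {
		if <-results {
			granted++
		}
	}
	return granted
}
func main() { fmt.Println("racy:", Replay(8, (*store).GetSessionRacy), "hardened:", Replay(8, Hardened)) }
```

The barrier is what makes the racy count reproducible; without it the real bug shows up only when two requests happen to interleave between the two state operations, which is why such a race is easy to miss in ordinary testing.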
Severity
- Attack Vector: Local: the attacker needs either to intercept the local, unencrypted traffic or to have access to the user's browser.
- Attack Complexity: High: the attacker must first obtain a valid saml-session token belonging to the victim (requires a separate interception step; the token is ephemeral and single-use by design).
- Privileges Required: None: no Omni account is required to carry out the race once the session token is in hand.
- User Interaction: Required: the victim must initiate a SAML authentication flow to produce the session token that the attacker intercepts.
- Scope: Unchanged: the impact stays within Omni's authorization boundary.
- Confidentiality Impact: High: successful exploitation authenticates the attacker as the victim's email identity, granting read access to any resource accessible to that identity.
- Integrity Impact: High: the attacker can confirm one or more public keys under the victim's identity (via ConfirmPublicKey), establishing persistent access credentials tied to the victim's account.
- Availability Impact: High: if the attack succeeds and the victim is a privileged Omni user, e.g., an Omni Operator or Admin, the attacker can take Omni down.
Impact
- Session replay: A stolen saml-session token can be used more than once, defeating its single-use guarantee.
- Multiple public key confirmations: An attacker who steals the session can confirm N attacker-controlled public keys under the victim's identity in a single stolen session window, creating N persistent long-lived API credentials tied to the victim's account.
- Authentication as victim: Any gRPC endpoint gated by the SAML interceptor can be reached as the victim's email identity during the race window.
- Audit log pollution: Each raced call generates an audit entry attributed to the victim's email, obscuring the attacker's actions.
Credit
This vulnerability was discovered and reported by bugbunny.ai.
Severity
7.0 (High)
{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/siderolabs/omni"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/siderolabs/omni"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.7.0"
            },
            {
              "fixed": "1.7.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-45720"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-294",
      "CWE-367"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-05T15:25:28Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "## Summary\n\n`SAML.getSession` (`internal/pkg/auth/interceptor/saml.go`) checks the `Used` flag on a `SAMLAssertion` resource and then marks it used in two separate state operations. Because the check and the update are not atomic, concurrent requests carrying the same `saml-session` token can both observe `Used == false`, both pass validation, and both return a successful authentication context. An attacker who obtains a valid `saml-session` token can exploit this window to authenticate as the token\u0027s owner multiple times, defeating the one-time-use guarantee.\n\n## Severity\n\n- **Attack Vector:** Local: the attacker needs to either be able to intercept the local, unencrypted traffic or needs access to user\u0027s browser.\n- **Attack Complexity:** High: the attacker must first obtain a valid `saml-session` token belonging to the victim (requires a separate interception step; the token is ephemeral and single-use by design).\n- **Privileges Required:** None: no Omni account is required to carry out the race once the session token is in hand.\n- **User Interaction:** Required: the victim must initiate a SAML authentication flow to produce the session token that the attacker intercepts.\n- **Scope:** Unchanged: the impact stays within Omni\u0027s authorization boundary.\n- **Confidentiality Impact:** High: successful exploitation authenticates the attacker as the victim\u0027s email identity, granting read access to any resource accessible to that identity.\n- **Integrity Impact:** High: the attacker can confirm one or more public keys under the victim\u0027s identity (via `ConfirmPublicKey`), establishing persistent access credentials tied to the victim\u0027s account.\n- **Availability Impact:** High: if the attacker can successfully perform the attack and if the victim is a privileged Omni user, e.g., an Omni Operator or Admin, they can take Omni down.\n\n## Impact\n\n- **Session replay**: A stolen `saml-session` token can be used more than once, defeating its single-use guarantee.\n- **Multiple public key confirmations**: An attacker who steals the session can confirm N attacker-controlled public keys under the victim\u0027s identity in a single stolen session window, creating N persistent long-lived API credentials tied to the victim\u0027s account.\n- **Authentication as victim**: Any gRPC endpoint gated by the SAML interceptor can be reached as the victim\u0027s email identity during the race window.\n- **Audit log pollution**: Each raced call generates an audit entry attributed to the victim\u0027s email, obscuring the attacker\u0027s actions.\n\n## Credit\n\nThis vulnerability was discovered and reported by [bugbunny.ai](https://bugbunny.ai).",
  "id": "GHSA-5x9f-6vg5-qg4m",
  "modified": "2026-06-05T15:25:28Z",
  "published": "2026-06-05T15:25:28Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/siderolabs/omni/security/advisories/GHSA-5x9f-6vg5-qg4m"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/siderolabs/omni"
    },
    {
      "type": "WEB",
      "url": "https://github.com/siderolabs/omni/releases/tag/v1.6.6"
    },
    {
      "type": "WEB",
      "url": "https://github.com/siderolabs/omni/releases/tag/v1.7.3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Omni has a TOCTOU race condition that allows multiple concurrent uses of a single-use SAML session token"
}