CVE-2017-11430
OmniAuth-SAML authentication bypass via incorrect XML canonicalization and DOM traversal
7.7
HIGH
CVSS 3.1
EPSS 0.42%
Description
OmniAuth OmniAuth-SAML 1.9.0 and earlier may incorrectly use the results of XML DOM traversal and canonicalization APIs in such a way that an attacker can manipulate the SAML data without invalidating the cryptographic signature, potentially allowing the attacker to bypass authentication to SAML service providers.
How to fix CVE-2017-11430
To remediate CVE-2017-11430, upgrade the affected package to a fixed version below.
- Upgrade to 1.10.0 or later
Is CVE-2017-11430 being exploited?
Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- omniauth-saml: all versions from 0 up to, but not including, 1.10.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH (7.7) | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N |