CVE-2016-9814

Published Feb 17, 2017

Last updated 7 years ago

CVSS critical 9.1

Overview

Description: The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.
Source: security@debian.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.1
Impact score: 5.2
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 7.8
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:simplesamlphp:simplesamlphp:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3256DE37-C892-4D74-8C48-4D35B0F24F3E",
            "versionEndIncluding": "1.14.9"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:simplesamlphp:1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09E5E12B-6080-48D0-8750-B5CC9985754B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5595B4ED-0C6B-4D18-9013-AF09A9159FBB",
            "versionEndIncluding": "1.9"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "274F4568-8E1F-4AB4-B701-157D9ACC0D03"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:1.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FF505BF-B66C-42FB-9BDE-609B9A563A9E"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:1.10.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E294F52A-270E-4F48-B0C6-6ADDC84E2E19"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F81F843-780A-46D1-B1D9-8F0BD4A5CD9A"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA43E174-713E-442D-8931-AC25517DF58D"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B11FE355-5ECC-4DC3-8826-B366798FCE80"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A4843F-0D4C-4B98-8FB9-48B6D9D7499A"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBEB6E3F-9408-4D91-90A0-E7F48AF60EA0"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DE2F0BD-EC4C-4EF1-AD1B-F4CE87D0D04D"
          },
          {
            "criteria": "cpe:2.3:a:simplesamlphp:saml2:2.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8669F36F-D030-49CA-B679-FE349EE4E450"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References