// For flags

CVE-2018-7644

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion on behalf of an Identity Provider that would pass as cryptographically valid, thereby allowing them to impersonate a user from that Identity Provider, aka a key confusion issue.

La biblioteca XmlSecLibs, tal y como se utiliza en la biblioteca saml2 en SimpleSAMLphp, en versiones anteriores a la 1.15.3, verifica incorrectamente las firmas en aserciones SAML, lo que permite que un atacante remoto construya una aserción SAML manipulada en nombre de un proveedor de identidad que pasaría como criptográficamente válido. Esto le permitiría suplantar a un usuario de ese proveedor de identidad; este problema también se conoce como confusión de claves.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-03-02 CVE Reserved
  • 2018-03-05 CVE Published
  • 2024-01-13 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-347: Improper Verification of Cryptographic Signature
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Simplesamlphp
Search vendor "Simplesamlphp"
Simplesamlphp
Search vendor "Simplesamlphp" for product "Simplesamlphp"
< 1.15.3
Search vendor "Simplesamlphp" for product "Simplesamlphp" and version " < 1.15.3"
-
Affected