CVE-2020-5261

Missing Token Replay Detection

Severity Score

6.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 has a faulty implementation of Token Replay Detection. Token Replay Detection is an important defence in depth measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 is not affected. It has a correct Token Replay Implementation and is safe to use. Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Saml2) greater than 2.0.0, and less than version 2.5.0 have a faulty implementation of Token Replay Detection. Token Replay Detection is an important defense measure for Single Sign On solutions. The 2.5.0 version is patched. Note that version 1.0.1 and prior versions are not affected. These versions have a correct Token Replay Implementation and are safe to use.

Los servicios de autenticación Saml2 para ASP.NET (paquete NuGet Sustainsys.Saml2) superior a la versión 2.0.0 y menor que la versión 2.5.0 tienen una implementación defectuosa de la detección de reproducción de tokens. Token Replay Detection es una defensa importante en la medida de profundidad para las soluciones de Single Sign On. La versión 2.5.0 está parcheada. Tenga en cuenta que la versión 1.0.1 no se ve afectada. Tiene una implementación correcta de reproducción de tokens y es seguro de usar. Los servicios de autenticación Saml2 para ASP.NET (paquete NuGet Sustainsys.Saml2) superior a la versión 2.0.0 y menor que la versión 2.5.0 tienen una implementación defectuosa de la detección de reproducción de tokens. La detección de reproducción de tokens es una medida de defensa importante para las soluciones de inicio de sesión único. La versión 2.5.0 está parcheada. Tenga en cuenta que la versión 1.0.1 y las versiones anteriores no se ven afectadas. Estas versiones tienen una implementación correcta de reproducción de tokens y son seguras de usar.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-01-02 CVE Reserved
2020-03-25 CVE Published
2023-03-08 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-294: Authentication Bypass by Capture-replay

CAPEC

References (3)

URL	Tag	Source
https://github.com/Sustainsys/Saml2/issues/711	Issue Tracking
https://github.com/Sustainsys/Saml2/security/advisories/GHSA-g6j2-ch25-5mmv	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://github.com/Sustainsys/Saml2/commit/e58e0a1aff2b1ead6aca080b7cdced55ee6d5241	2021-03-24

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sustainsys Search vendor "Sustainsys"		Saml2 Search vendor "Sustainsys" for product "Saml2"				>= 2.0.0 < 2.5.0 Search vendor "Sustainsys" for product "Saml2" and version " >= 2.0.0 < 2.5.0"		-		Affected