Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Tags
attack-pattern: | Data Direct Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
Type | Value |
---|---|
UUID | f216594a-868d-4a63-a4f8-13b613f612d6 |
Fingerprint | 804c86731cb7d35d |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | March 12, 2025, midnight |
Added to db | March 12, 2025, 10:53 p.m. |
Last updated | March 19, 2025, 2:25 a.m. |
Headline | Sign in as anyone: Bypassing SAML SSO authentication with parser differentials |
Title | Sign in as anyone: Bypassing SAML SSO authentication with parser differentials |
Detected Hints/Tags/Attributes | 42/1/11 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 126 | ✔ | The latest security news for developers - The GitHub Blog | https://github.blog/category/security/feed/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 9 | | cve-2025-25291 |
Details | CVE | 10 | | cve-2025-25292 |
Details | CVE | 20 | | cve-2024-9487 |
Details | CVE | 51 | | cve-2024-45409 |
Details | Domain | 183 | | www.w3.org |
Details | File | 4 | | xml_security.rb |
Details | File | 6 | | cert.pub |
Details | File | 2 | | config.opt |
Details | Url | 9 | | http://www.w3.org/2001/10/xml-exc-c14n# |
Details | Url | 6 | | http://www.w3.org/2001/04/xmldsig-more#rsa |
Details | Url | 5 | | http://www.w3.org/2001/04/xmlenc#sha256 |