SAML Vulnerability Lets Attackers Log in as Other Users

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
Security researchers from Duo Labs and the US Computer Emergency Response Team Coordination Center (CERT/CC) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victim's password.

The flaw affects SAML (Security Assertion Markup Language), an XML-based markup language often used for exchanging authentication and authorization data between parties.

SAML's most important use if in single sign-on (SSO) solutions that allow users to log into accounts using one single identity. Unlike other shared authentication schemes —such as OAuth, OpenID, OpenID Connect, and Facebook Connect— SSO stores the user's identity on a central server on which users have accounts.

When users try to login into other enterprise apps, those apps (service providers - SP) make requests to the local SSO server (identity provider - IdP) via SAML.
......................
......................
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top