SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider - Moderately critical - Multiple vulnerabilities - SA-CONTRIB-2021-036


Project: SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider
Date: 2021-September-22
Security risk: Moderately critical 14/25
Vulnerability: Multiple vulnerabilities

Description

This module provides a solution to authenticate visitors using existing SAML providers.

Certain non-default configurations allow a malicious user to log in as any user of their choosing.

The vulnerability is mitigated by the module's default settings, which require the "Either sign SAML assertions" and "x509 certificate" options to be enabled.

Solution

Ensure that the "Either SAML response or SAML assertion must be signed" and "x509 certificate" options on the dedicated plugin page are both enabled.
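To illustrate why both options matter, the following is an added example (not code from the module or from this advisory) of the policy decision a service provider makes when it receives a SAML response: it locates ds:Signature elements on the samlp:Response and on each saml:Assertion, and refuses the login unless at least one of them is present and a certificate is available to verify it. The two settings are modelled as the hypothetical parameters require_signature and certificate_configured; the sample responses are constructed and the Signature element in them is a placeholder, so this shows the accept/reject logic only, and a real deployment must additionally verify the signature cryptographically against the configured x509 certificate with an XML-DSig library.

```python
import xml.etree.ElementTree as ET

# Namespaces used by SAML 2.0 messages and XML Signature.
NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def signature_locations(response_xml: str) -> dict:
    """Report where signatures appear in a samlp:Response (presence only,
    no cryptographic verification)."""
    root = ET.fromstring(response_xml)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("document root is not a samlp:Response")
    response_signed = root.find("ds:Signature", NS) is not None
    assertions = root.findall("saml:Assertion", NS)
    # Every assertion must carry its own signature for the assertion-level
    # option to count; a single unsigned assertion would otherwise slip through.
    assertion_signed = bool(assertions) and all(
        a.find("ds:Signature", NS) is not None for a in assertions
    )
    return {
        "response_signed": response_signed,
        "assertion_signed": assertion_signed,
        "assertion_count": len(assertions),
    }


def accept_response(response_xml: str, require_signature: bool = True,
                    certificate_configured: bool = True) -> tuple:
    """Return (accepted, reason). The two keyword arguments are hypothetical
    stand-ins for the module's "must be signed" and "x509 certificate" options."""
    loc = signature_locations(response_xml)
    if loc["assertion_count"] == 0:
        return (False, "response carries no assertion")
    if not require_signature:
        # Weak configuration: the identity in the assertion is trusted as-is,
        # so anyone able to post XML to the ACS endpoint chooses who they are.
        return (True, "accepted without a signature requirement (weak configuration)")
    if not certificate_configured:
        # Design choice (assumption): fail closed when nothing can verify a signature.
        return (False, "signature required but no x509 certificate configured")
    if loc["response_signed"] or loc["assertion_signed"]:
        return (True, "signature present; verify it against the configured certificate")
    return (False, "neither the response nor its assertion is signed")


# Constructed sample: an assertion with no signature anywhere.
UNSIGNED_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Issuer>https://idp.example.test</saml:Issuer>
    <saml:Subject><saml:NameID>user@example.test</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""

# Constructed sample: the assertion carries a (placeholder) XML signature.
SIGNED_ASSERTION_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r2" Version="2.0">
  <saml:Assertion ID="_a2" Version="2.0">
    <saml:Issuer>https://idp.example.test</saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignatureValue>PLACEHOLDER-NOT-A-REAL-SIGNATURE</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject><saml:NameID>user@example.test</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""


if __name__ == "__main__":
    for label, xml_doc in (("unsigned", UNSIGNED_RESPONSE),
                           ("signed assertion", SIGNED_ASSERTION_RESPONSE)):
        print(label, "default settings ->", accept_response(xml_doc))
        print(label, "weak settings    ->", accept_response(xml_doc, require_signature=False))
```

With the default-equivalent settings the unsigned response is rejected and the signed one proceeds to verification; with the signature requirement switched off the unsigned response is accepted on the strength of its NameID alone, which is the condition the advisory describes.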

Install the latest version:

If you use the SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module for Drupal 8.x or 9.x, upgrade to SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 8.x-2.24
If you use the SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider module for Drupal 7.x, upgrade to SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 7.x-2.57
