Lucene search

MitreCVE-2011-1411

HistorySep 02, 2011 - 11:55 p.m.

CVE-2011-1411

2011-09-0223:55:04

CWE-287

mitre

web.nvd.nist.gov

cve-2011-1411

shibboleth

opensaml library

xml signature

authentication bypass

security vulnerability

nvd

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON

Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an “XML Signature wrapping attack.”

Affected configurations

Nvd

Node

shibbolethopensamlMatch2.4.0

shibbolethopensamlMatch2.4.1

shibbolethopensamlMatch2.4.2

shibbolethopensamlMatch2.5.0

Node

shibbolethshibboleth-identity-providerRange≤2.3.1

shibbolethshibboleth-identity-providerMatch2.0.0

shibbolethshibboleth-identity-providerMatch2.1.0

shibbolethshibboleth-identity-providerMatch2.1.1

shibbolethshibboleth-identity-providerMatch2.1.2

shibbolethshibboleth-identity-providerMatch2.1.3

shibbolethshibboleth-identity-providerMatch2.1.4

shibbolethshibboleth-identity-providerMatch2.1.5

shibbolethshibboleth-identity-providerMatch2.2.0

shibbolethshibboleth-identity-providerMatch2.2.1

shibbolethshibboleth-identity-providerMatch2.3.0

VendorProductVersionCPE
shibbolethopensaml2.4.0cpe:2.3:a:shibboleth:opensaml:2.4.0:*:*:*:*:*:*:*
shibbolethopensaml2.4.1cpe:2.3:a:shibboleth:opensaml:2.4.1:*:*:*:*:*:*:*
shibbolethopensaml2.4.2cpe:2.3:a:shibboleth:opensaml:2.4.2:*:*:*:*:*:*:*
shibbolethopensaml2.5.0cpe:2.3:a:shibboleth:opensaml:2.5.0:*:*:*:*:*:*:*
shibbolethshibboleth-identity-provider*cpe:2.3:a:shibboleth:shibboleth-identity-provider:*:*:*:*:*:*:*:*
shibbolethshibboleth-identity-provider2.0.0cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.0.0:*:*:*:*:*:*:*
shibbolethshibboleth-identity-provider2.1.0cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.0:*:*:*:*:*:*:*
shibbolethshibboleth-identity-provider2.1.1cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.1:*:*:*:*:*:*:*
shibbolethshibboleth-identity-provider2.1.2cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.2:*:*:*:*:*:*:*
shibbolethshibboleth-identity-provider2.1.3cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
shibboleth	opensaml	2.4.0	cpe:2.3:a:shibboleth:opensaml:2.4.0:::::::*
shibboleth	opensaml	2.4.1	cpe:2.3:a:shibboleth:opensaml:2.4.1:::::::*
shibboleth	opensaml	2.4.2	cpe:2.3:a:shibboleth:opensaml:2.4.2:::::::*
shibboleth	opensaml	2.5.0	cpe:2.3:a:shibboleth:opensaml:2.5.0:::::::*
shibboleth	shibboleth-identity-provider	*	cpe:2.3:a:shibboleth:shibboleth-identity-provider::::::::
shibboleth	shibboleth-identity-provider	2.0.0	cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.0.0:::::::*
shibboleth	shibboleth-identity-provider	2.1.0	cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.0:::::::*
shibboleth	shibboleth-identity-provider	2.1.1	cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.1:::::::*
shibboleth	shibboleth-identity-provider	2.1.2	cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.2:::::::*
shibboleth	shibboleth-identity-provider	2.1.3	cpe:2.3:a:shibboleth:shibboleth-identity-provider:2.1.3:::::::*