osv | Google | OSV:GHSA-J96G-47X2-46HV
History: May 14, 2022 - 3:15 a.m.

SimpleSAMLphp Session fixation issue and authentication bypass in the authcrypt module

2022-05-14 03:15:07
Google
osv.dev
AI Score: 7.3 High (Confidence: Low)

EPSS: 0.004 Low (Percentile: 72.4%)

The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation.
