Critical

lunary

Improper Access Control on SAML Configuration

A vulnerability in version 1.3.2 allows unauthorized updates to the SAML configuration, potentially leading to authentication manipulation. This issue was patched in version 1.3.4.

Available publicly on Sep 27 2024

9.1

CVSS:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Credit:

mvlttt

Threat Overview

The vulnerability allows an attacker to update the SAML configuration without proper authorization. This can lead to severe consequences such as manipulation of authentication processes, fraudulent login requests, and theft of user information. The lack of appropriate access controls on the SAML configuration endpoint is the root cause of this issue.

Attack Scenario

An attacker can exploit this vulnerability by sending a crafted POST request to the SAML configuration endpoint. By doing so, they can update the SAML configuration with malicious data. This allows the attacker to manipulate authentication processes, potentially logging in as unauthorized users and accessing sensitive information.
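The root cause described above (a configuration endpoint that accepts updates without checking who is calling) and the resulting attack scenario are easiest to see side by side. The following is an added illustration, not lunary's code: a minimal in-memory SAML-config update handler in its vulnerable form, where the request body alone decides which organization's settings are overwritten, beside a hardened form that authenticates the caller, requires the admin role for that organization, and validates the new identity-provider settings before persisting them. The store shape, the session map, the `orgId`/`idpUrl`/`certificate` field names and the role model are all assumptions made for the example.

```javascript
// Added example (not lunary's code). Demonstrates the missing-authorization
// defect on a SAML configuration update handler and one way to harden it.

// Constructed per-organization SAML settings; field names are assumptions.
function makeStore() {
  return new Map([
    ["org-1", { idpUrl: "https://idp.example.org/sso", certificate: "ORIGINAL-CERT" }],
  ]);
}

// Constructed session table: bearer token -> authenticated user (assumed shape).
function makeSessions() {
  return new Map([
    ["admin-token", { userId: "u-1", orgId: "org-1", role: "admin" }],
    ["member-token", { userId: "u-2", orgId: "org-1", role: "member" }],
  ]);
}

// Vulnerable handler: never looks at the caller. Whatever orgId the body names
// gets its identity provider replaced, so an unauthenticated POST can point
// logins at an IdP the attacker controls.
function updateSamlConfigVulnerable(req, store) {
  const { orgId, idpUrl, certificate } = req.body;
  store.set(orgId, { idpUrl, certificate });
  return { status: 200 };
}

// Hardened handler: authenticate, authorize against the target org and the
// admin role, then validate the inputs. Authentication failures are 401,
// authorization failures 403, malformed settings 400.
function updateSamlConfigHardened(req, store, sessions) {
  const header = (req.headers && req.headers.authorization) || "";
  const token = header.startsWith("Bearer ") ? header.slice(7) : "";
  const user = sessions.get(token);
  if (!user) return { status: 401 };

  const { orgId, idpUrl, certificate } = req.body;
  // Authorization is decided by the session, never by the request body.
  if (user.orgId !== orgId || user.role !== "admin") return { status: 403 };

  // Only accept an HTTPS IdP endpoint and a non-empty signing certificate.
  if (typeof idpUrl !== "string" || !/^https:\/\/[^/\s]+/.test(idpUrl)) return { status: 400 };
  if (typeof certificate !== "string" || certificate.length === 0) return { status: 400 };

  store.set(orgId, { idpUrl, certificate });
  return { status: 200 };
}

// Runs the same unauthenticated request against both handlers and reports
// whether the stored IdP URL was changed. Used by the stand-alone run below.
function demo() {
  const rogueBody = { orgId: "org-1", idpUrl: "https://rogue-idp.example/sso", certificate: "ROGUE" };
  const anonymousReq = { headers: {}, body: rogueBody };

  const s1 = makeStore();
  const vuln = updateSamlConfigVulnerable(anonymousReq, s1);
  const s2 = makeStore();
  const hard = updateSamlConfigHardened(anonymousReq, s2, makeSessions());

  return {
    vulnerable: { status: vuln.status, idpUrl: s1.get("org-1").idpUrl },
    hardened: { status: hard.status, idpUrl: s2.get("org-1").idpUrl },
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The fix that matters is the order of checks in the hardened handler: identity comes from the session, the organization being modified is compared against that identity, and only then is the body parsed for new settings. Logging 401/403 responses on this endpoint also gives defenders a concrete signal to alert on.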

Who is affected

Users of lunary version 1.3.2 who have not yet updated to version 1.3.4 are affected by this vulnerability. This includes organizations that rely on the software's SAML integration for authentication.
