CVE-2018-7711
NONE EPSS 64.9%
Published Mar 5, 2018 · Modified Jun 17, 2026
Description
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value.
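As an added illustration of the return-value check the description refers to (this is not SimpleSAMLphp's code; the function names, key pair and query string are constructed for the example), here is the vulnerable truthiness test beside the hardened exact comparison, in PHP:

```php
<?php
// Added example; not SimpleSAMLphp's own code. Function names are hypothetical.
// openssl_verify() returns 1 (valid), 0 (invalid) or -1 (error during verification);
// on PHP 8 it can also return false. Only 1 means the signature checked out.

/** Vulnerable pattern: PHP truthiness turns the -1 error code into "valid". */
function acceptsSignatureVulnerable(int $opensslResult): bool
{
    return (bool) $opensslResult;   // 1 => true, 0 => false, -1 => true (the bug)
}

/** Hardened pattern: only the exact success value counts; errors are failures. */
function acceptsSignatureFixed(int $opensslResult): bool
{
    if ($opensslResult !== 1 && $opensslResult !== 0) {
        // Surface verification errors separately so they are visible in logs.
        error_log('openssl_verify() error: ' . (openssl_error_string() ?: 'unknown'));
    }
    return $opensslResult === 1;
}

/** Verify an HTTP-Redirect style signed query string with either check. */
function redirectSignatureOk(string $signedQuery, string $sig, string $publicKeyPem, bool $fixed): bool
{
    $r = (int) openssl_verify($signedQuery, $sig, $publicKeyPem, OPENSSL_ALGO_SHA256);
    return $fixed ? acceptsSignatureFixed($r) : acceptsSignatureVulnerable($r);
}

// Constructed key pair and a constructed redirect-binding query string.
$priv = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
$pub  = openssl_pkey_get_details($priv)['key'];
$signedQuery = 'SAMLRequest=ZmFrZQ%3D%3D&RelayState=x&SigAlg='
    . rawurlencode('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256');
openssl_sign($signedQuery, $goodSig, $priv, OPENSSL_ALGO_SHA256);
$badSig = $goodSig ^ str_repeat("\x01", strlen($goodSig));   // bit-flipped: must be rejected

foreach (['genuine' => $goodSig, 'tampered' => $badSig] as $label => $sig) {
    printf("%-9s vulnerable=%-5s fixed=%s\n", $label,
        var_export(redirectSignatureOk($signedQuery, $sig, $pub, false), true),
        var_export(redirectSignatureOk($signedQuery, $sig, $pub, true), true));
}
// The error path: whatever makes openssl_verify() return -1, only the fixed check rejects it.
foreach ([1, 0, -1] as $r) {
    printf("result=%2d vulnerable=%-5s fixed=%s\n", $r,
        var_export(acceptsSignatureVulnerable($r), true), var_export(acceptsSignatureFixed($r), true));
}
```

The last loop is the whole bug in one line of output: for a result of -1 the vulnerable check prints true and the fixed one prints false.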
Threat Intelligence
EPSS Exploit Probability
64.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-347
Affected Products 5
| Vendor | Product | Version | Range |
|---|---|---|---|
| simplesamlphp | simplesamlphp | * | <1.15.4 |
| simplesamlphp | saml2 | * | ≥1.0.0 – <1.10.6 |
| simplesamlphp | saml2 | * | ≥2.0.0 – <2.3.8 |
| simplesamlphp | saml2 | * | ≥3.0.0 – <3.1.4 |
| debian | debian_linux | 7.0 | any |
References 3
- github.com https://github.com/simplesamlphp/saml2/commit/4f6af7f69f29df8555a18b9bb7b646906b45924d
- lists.debian.org https://lists.debian.org/debian-lts-announce/2018/03/msg00017.html
- simplesamlphp.org https://simplesamlphp.org/security/201803-01
Remediation
- github.com https://github.com/simplesamlphp/saml2/commit/4f6af7f69f29df8555a18b9bb7b646906b45924d