CVE-2018-7711

EPSS 64.9%
Published Mar 5, 2018
Last Modified Jun 17, 2026

Description

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value.
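The return-value confusion the description refers to, shown as an added illustration written for this page and not the saml2 library's own code: PHP's openssl_verify() returns 1 (valid), 0 (invalid) or -1 (error), and a check that treats that integer as a boolean accepts the error value. The helper names and the constructed message are assumptions; the strict rule is the fail-closed form.

```php
<?php
// Added illustration of the CVE-2018-7711 defect class, not the saml2
// library's code. openssl_verify() returns 1 (valid), 0 (invalid) or
// -1 (error); casting that int to bool maps -1 to "valid".

// Weak acceptance rule of the kind the advisory describes: anything that
// is not 0/false counts as success, so a forced error (-1) is accepted.
function acceptWeak(int $verifyResult): bool
{
    return (bool) $verifyResult;          // -1 becomes true here
}

// Hardened rule: only the exact success value 1 is accepted; 0 and -1
// both fail closed, and the error case is logged so it is not silent.
function acceptStrict(int $verifyResult): bool
{
    if ($verifyResult === -1) {
        error_log('signature check errored: ' . (openssl_error_string() ?: 'unknown'));
        return false;
    }
    return $verifyResult === 1;
}

// Wrapper around the real call, applying the strict rule. openssl_verify()
// can also return false on bad arguments; that is rejected as well.
function verifyStrict(string $data, string $sig, string $pubKeyPem): bool
{
    $r = openssl_verify($data, $sig, $pubKeyPem, OPENSSL_ALGO_SHA256);
    return $r === false ? false : acceptStrict($r);
}

// Constructed self-check: a fresh RSA key pair signs a sample message;
// a tampered copy of the signature should verify as 0 (invalid), and the
// three possible verifier results are fed to both acceptance rules.
$key = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
$pub = openssl_pkey_get_details($key)['key'];
$data = 'constructed SAML message';
openssl_sign($data, $sig, $key, OPENSSL_ALGO_SHA256);
$tampered = $sig;
$tampered[0] = chr(ord($tampered[0]) ^ 0x01);

var_dump(verifyStrict($data, $sig, $pub));
var_dump(verifyStrict($data, $tampered, $pub));
foreach ([1, 0, -1] as $r) {
    printf("verifier result %2d: weak=%s strict=%s\n", $r,
        acceptWeak($r) ? 'accept' : 'reject',
        acceptStrict($r) ? 'accept' : 'reject');
}
```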

Threat Intelligence

EPSS Exploit Probability
64.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-347

Affected Products 5

Vendor          Product        Version  Range
simplesamlphp   simplesamlphp  *        <1.15.4
simplesamlphp   saml2          *        ≥1.0.0 – <1.10.6
simplesamlphp   saml2          *        ≥2.0.0 – <2.3.8
simplesamlphp   saml2          *        ≥3.0.0 – <3.1.4
debian          debian_linux   7.0      any

References 3

  • github.com https://github.com/simplesamlphp/saml2/commit/4f6af7f69f29df8555a18b9bb7b646906b45924d
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2018/03/msg00017.html
    Third Party Advisory
  • simplesamlphp.org https://simplesamlphp.org/security/201803-01
    Vendor Advisory

Remediation

  • github.com https://github.com/simplesamlphp/saml2/commit/4f6af7f69f29df8555a18b9bb7b646906b45924d
    Patch