No SAML Response Signature Check

Severity: High

Summary#

Invicti detected that the target application is vulnerable to a No SAML Response signature check.

The web application uses SAML. The web application's SAML Consumer Service doesn't check the SAML Response signature. An authenticated attacker may be able to use it to escalate privileges to a high privileged user or to take over the accounts of other users in the application.

Impact#

Account takeover and/or privilege escalation.

Remediation#

Change the configuration of the SAML service to require a valid signature for SAML Response.

Classifications#

ISO27001-A.14.2.5, OWASP 2017-A6, OWASP 2013-A5, CWE-16, WASC-15, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No SAML Response Signature Check

Related Articles

Build your resistance to threats. And save hundreds of hours each month.