5.3 MEDIUM
- CVSS version (CVSS): 4.0
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Attack Requirement (AT): None (N)
- Privileges Required (PR): None (N)
- User Interaction (UI): Passive (P)
- Vulnerable System Impact Confidentiality (VC): None (N)
- Vulnerable System Impact Integrity (VI): Low (L)
- Vulnerable System Impact Availability (VA): Low (L)
- Subsequent System Impact Confidentiality (SC): Low (L)
- Subsequent System Impact Integrity (SI): Low (L)
- Subsequent System Impact Availability (SA): Low (L)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Attack Requirement (MAT): None (N)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Passive (P)
- Modified Vulnerable System Impact Confidentiality (MVC): None (N)
- Modified Vulnerable System Impact Integrity (MVI): Low (L)
- Modified Vulnerable System Impact Availability (MVA): Low (L)
- Modified Subsequent System Impact Confidentiality (MSC): Low (L)
- Modified Subsequent System Impact Integrity (MSI): Low (L)
- Modified Subsequent System Impact Availability (MSA): Low (L)
- Safety (S): Not Defined (X)
- Automatable (AU): Not Defined (X)
- Recovery (R): Not Defined (X)
- Value Density (V): Not Defined (X)
- Vulnerability Response Effort (RE): Not Defined (X)
- Provider Urgency (U): Not Defined (X)
- Confidentiality Req. (CR): Not Defined (X)
- Integrity Req. (IR): Not Defined (X)
- Availability Req. (AR): Not Defined (X)
- Exploit Maturity (E): Not Defined (X)
Activity log
- Created suggestion
Open Redirect in SAML Single Sign-On in Guardian/CMC before 26.2.0
An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who subsequently initiate SAML Single Sign-On, enabling phishing and credential-theft attacks, as well as disrupting SAML authentication for all affected users.
Affected products
- <26.2.0
- <26.2.0
Matching in nixpkgs
pkgs.cmc
Manages SSH ControlMaster sessions
pkgs.cmctl
Command line utility to interact with a cert-manager instalation on Kubernetes
pkgs.scmccid
PCSC drivers for linux, for the SCM SCR3310 v2.0 card and others
pkgs.adguardian
Terminal-based, real-time traffic monitoring and statistics for your AdGuard Home instance
pkgs.pcmciaUtils
None
pkgs.pcmciautils
None
pkgs.haskellPackages.mcmc
Sample from a posterior using Markov chain Monte Carlo
pkgs.haskellPackages.mcmc-types
Common types for sampling
pkgs.python313Packages.aioguardian
Python library to interact with Elexa Guardian devices
pkgs.python314Packages.aioguardian
Python library to interact with Elexa Guardian devices
pkgs.python313Packages.pygitguardian
Library to access the GitGuardian API
-
nixos-unstable -
- nixos-unstable-small 1.32.0
pkgs.python314Packages.pygitguardian
Library to access the GitGuardian API
-
nixos-unstable -
- nixos-unstable-small 1.32.0
pkgs.python313Packages.django-guardian
Per object permissions for Django
pkgs.python314Packages.django-guardian
Per object permissions for Django
pkgs.python313Packages.djangorestframework-guardian
Django-guardian support for Django REST Framework
Package maintainers
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@chordtoll chordtoll <nix@chordtoll.com>
-
@JoshVanL Josh van Leeuwen < me@joshvanl.dev >
-
@dschrempf Dominik Schrempf <dominik.schrempf@gmail.com>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>