CVE-2023-49087 – simplesamlphp/saml2

Package

Manager: composer
Name: simplesamlphp/saml2
Vulnerable Version: =5.0.0-alpha.12 || >=5.0.0-alpha.12 <5.0.0-alpha.13

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00205 pctl0.42757

Details

Validation of SignedInfo Validation of an XML Signature requires verification that the hash value of the related XML-document (after any optional transformations and/or normalizations) matches a specific DigestValue-value, but also that the cryptografic signature on the SignedInfo-tree (the one that contains the DigestValue) verifies and matches a trusted public key. Within the simpleSAMLphp/xml-security library (https://github.com/simplesamlphp/xml-security), the hash is being validated using SignedElementTrait::validateReference, and the signature is being verified in SignedElementTrait::verifyInternal https://github.com/simplesamlphp/xml-security/blob/master/src/XML/SignedElementTrait.php:  What stands out is that the signature is being calculated over the canonical version of the SignedInfo-tree. The validateReference method, however, uses the original non-canonicalized version of SignedInfo. ### Impact If an attacker somehow (i.e. by exploiting a bug in PHP's canonicalization function) manages to manipulate the canonicalized version's DigestValue, it would be potentially be possible to forge the signature. No possibilities to exploit this were found during the investigation.

Metadata

Created: 2023-11-28T18:52:19Z
Modified: 2023-12-06T21:08:04Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-ww7x-3gxh-qm6r/GHSA-ww7x-3gxh-qm6r.json
CWE IDs: ["CWE-345"]
Alternative ID: GHSA-ww7x-3gxh-qm6r
Finding: F204
Auto approve: 1