
The table below lists, for each affected app, the vulnerability criteria and the available fixes.

Affected apps: Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Data Center; Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Server

Vulnerability criteria: Your installation is vulnerable if all the following statements are true:

  1. You have installed a version of Kantega SSO Enterprise for Jira, Confluence, Bitbucket, Bamboo or FeCru between 4.4.2 - 4.14.8, 5.0.0 - 5.11.4 or 6.0.0 - 6.19.0

  2. You are using SAML to log in users.

  3. Within Identity Providers > SAML IDP > Advanced SAML settings, "Enable POST binding" is switched on

Fixes:

Option 1: Update Kantega SSO Enterprise to version >= 6.20.0, or to backport version 5.11.5 or 4.14.9

Option 2: Disable POST binding in advanced SAML settings and use the default redirect binding

Option 3: Configure a new Identity Provider using OpenID Connect and disable SAML

Affected apps: Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Data Center; Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Server

Vulnerability criteria: Your installation is vulnerable to the exploit if all the following statements are true:

  1. You have installed a version of Kantega SSO Enterprise for Jira, Confluence, Bitbucket, Bamboo or FeCru between 4.4.2 - 4.14.8, 5.0.0 - 5.11.4 or 6.0.0 - 6.19.0

  2. You are using SAML to log in users.

  3. Within Identity Providers > SAML IDP > Advanced SAML settings, "Enable POST binding" is switched on

Fixes:

Option 1: Update Kantega SSO Enterprise to version >= 6.20.0, or to backport version 5.11.5

Option 2: Disable POST binding in advanced SAML settings and use the default redirect binding

Option 3: Configure a new Identity Provider using OpenID Connect and disable SAML

Affected apps: Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Data Center; Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Server

Vulnerability criteria: Your installation is vulnerable if all the following statements are true:

  1. You have installed a version of Kantega SSO Enterprise for Jira, Confluence, Bitbucket, Bamboo or FeCru between 4.4.2 - 4.14.8, 5.0.0 - 5.11.4 or 6.0.0 - 6.19.0

  2. You are using SAML to log in users.

  3. Within Identity Providers > SAML IDP > Advanced SAML settings, "Enable POST binding" is switched on

Fixes:

Option 1: Update Kantega SSO Enterprise to version >= 6.20.0, or to backport version 5.11.5

Option 2: Disable POST binding in advanced SAML settings and use the default redirect binding

Option 3: Configure a new Identity Provider using OpenID Connect and disable SAML

Affected apps: Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Server; Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Data Center

Vulnerability criteria (Bamboo Server): Your installation is vulnerable to the exploit if all the following statements are true:

  1. You have installed a version of Kantega SSO Enterprise for Jira, Confluence, Bitbucket, Bamboo or FeCru between 4.4.2 - 4.14.8, 5.0.0 - 5.11.4 or 6.0.0 - 6.19.0

  2. You are using SAML to log in users.

  3. Within Identity Providers > SAML IDP > Advanced SAML settings, "Enable POST binding" is switched on

Vulnerability criteria (Bamboo Data Center): Same as for Server, but only versions between 5.6.2 - 6.19.0

Fixes:

Option 1: Update Kantega SSO Enterprise to version >= 6.20.0, or to backport version 5.11.5

Option 2: Disable POST binding in advanced SAML settings and use the default redirect binding

Option 3: Configure a new Identity Provider using OpenID Connect and disable SAML

Affected app: Kantega SAML SSO OIDC Kerberos Single Sign-on for FeCru

Vulnerability criteria: Your installation is vulnerable if all the following statements are true:

  1. You have installed a version of Kantega SSO Enterprise for Jira, Confluence, Bitbucket, Bamboo or FeCru between 4.4.2 - 4.14.8

  2. You are using SAML to log in users.

  3. Within Identity Providers > SAML IDP > Advanced SAML settings, "Enable POST binding" is switched on

Fixes:

Option 1: Downgrade Kantega SSO Enterprise to version 4.4.1, or apply a temporary workaround and wait for the update to 4.14.9 (we are working on a backport, it will be available soon)

Option 2: Disable POST binding in advanced SAML settings and use the default redirect binding

Option 3: Configure a new Identity Provider using OpenID Connect and disable SAML
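The following is an added example, not Kantega's own code: a small Python checker that encodes the version ranges and the three vulnerability conditions from the table above, so an administrator with an inventory of Kantega SSO Enterprise installations can tell which ones need one of the listed fixes. Versions are compared numerically rather than as strings, which matters because "4.10.0" sorts before "4.4.2" as text but sits inside the affected 4.x range. The product keys ("jira", "bamboo-datacenter", ...), the version-string format and all function names are assumptions made for this script.

```python
"""Exposure checker for the Kantega SSO Enterprise SAML POST-binding advisory.

Added example, not Kantega's own code. The version ranges, the three
vulnerability conditions and the fix options are taken from the advisory
table; the product keys, the version-string format and the function names
are assumptions made for this script.
"""
from dataclasses import dataclass, field

VersionTuple = tuple[int, int, int]

# Affected ranges from the advisory, inclusive at both ends.
_ALL_LINES = [("4.4.2", "4.14.8"), ("5.0.0", "5.11.4"), ("6.0.0", "6.19.0")]
AFFECTED_RANGES: dict[str, list[tuple[str, str]]] = {
    "jira": _ALL_LINES,
    "confluence": _ALL_LINES,
    "bitbucket": _ALL_LINES,
    "bamboo-server": _ALL_LINES,
    "bamboo-datacenter": [("5.6.2", "6.19.0")],  # "only versions between 5.6.2 - 6.19.0"
    "fecru": [("4.4.2", "4.14.8")],
}

# Fix options per product as listed in the advisory; only Option 1 differs per product.
_OPTION_2 = "Disable POST binding in advanced SAML settings and use the default redirect binding"
_OPTION_3 = "Configure a new Identity Provider using OpenID Connect and disable SAML"
FIX_OPTIONS: dict[str, list[str]] = {
    "jira": ["Update to >= 6.20.0, or to backport version 5.11.5 or 4.14.9", _OPTION_2, _OPTION_3],
    "fecru": ["Downgrade to 4.4.1, or apply a workaround and wait for the 4.14.9 backport", _OPTION_2, _OPTION_3],
}
for _product in ("confluence", "bitbucket", "bamboo-server", "bamboo-datacenter"):
    FIX_OPTIONS[_product] = ["Update to >= 6.20.0, or to backport version 5.11.5", _OPTION_2, _OPTION_3]


def parse_version(text: str) -> VersionTuple:
    """Turn '6.19.0' into (6, 19, 0) so ranges compare numerically, not as strings.

    Missing trailing components count as 0 ('6.20' -> (6, 20, 0)). Any suffix after
    '-' (e.g. '6.19.0-rc1') is dropped; that is an assumption, since the advisory
    only shows plain x.y.z version numbers.
    """
    core = text.strip().split("-", 1)[0]
    parts = [int(p) for p in core.split(".")]  # ValueError on non-numeric parts
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected version format: {text!r}")
    parts += [0] * (3 - len(parts))
    return (parts[0], parts[1], parts[2])


def version_in_affected_range(product: str, version: str) -> bool:
    """True if `version` falls inside one of the product's affected ranges."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES[product])


@dataclass
class Assessment:
    product: str
    version: str
    vulnerable: bool
    reason: str
    fixes: list[str] = field(default_factory=list)


def assess(product: str, version: str, uses_saml: bool, post_binding_enabled: bool) -> Assessment:
    """Apply the advisory's three conditions; all of them must hold for the install to be vulnerable."""
    if product not in AFFECTED_RANGES:
        raise KeyError(f"unknown product key: {product!r}")
    if not version_in_affected_range(product, version):
        return Assessment(product, version, False, "version is outside the affected ranges")
    if not uses_saml:
        return Assessment(product, version, False, "affected version, but SAML is not used for login")
    if not post_binding_enabled:
        return Assessment(product, version, False,
                          "affected version, but POST binding is off (redirect binding in use)")
    return Assessment(product, version, True,
                      "affected version with SAML login and POST binding enabled", FIX_OPTIONS[product])


if __name__ == "__main__":
    # Constructed sample inventory, not real data: (product, version, uses_saml, post_binding_enabled).
    inventory = [
        ("jira", "6.19.0", True, True),
        ("jira", "6.20.0", True, True),
        ("bamboo-datacenter", "5.0.0", True, True),
        ("fecru", "4.10.0", True, False),
    ]
    for entry in inventory:
        result = assess(*entry)
        print(f"{result.product:18} {result.version:8} vulnerable={result.vulnerable!s:5} {result.reason}")
        for fix in result.fixes:
            print(f"    - {fix}")
```

Feed it your own inventory in place of the constructed one; the "bamboo-datacenter" entry at 5.0.0 shows why the Data Center range has to be kept separate from the Server range, and the FeCru entry shows a version in range that is still not vulnerable because POST binding is off.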
