...
Affected apps | Vulnerability criteria | Fixes |
---|---|---|
Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Data Center Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Server | Your installation is vulnerable if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backports version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Data Center Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Server | Your installation is vulnerable to the exploit if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Data Center Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Server | Your installation is vulnerable if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Server Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Data Center | Your installation is vulnerable to the exploit if all the following statements are true:
Same as for Server, but only versions between 5.6.2 - 6.19.0 | Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Your installation is vulnerable if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
...