...
Date published |
|
|---|---|
Summary | Faulty sanitization allows remote attackers to inject arbitrary web script or HTML via URL parameters on the SAML POST binding login servlet in Kantega SSO Enterprise. |
CVE ID | |
Affected apps | Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira |
Affected versions | All versions between 4.4.2 - 4.14.8, 5.0.0 - 5.11.4 and 6.0.0 - 6.19.0 |
Affected product feature | Identity Providers > SAML > Advanced SAML Settings > POST binding |
Patched versions | Starting from 6.20.0. Backport patchpatches: 5.11.5, 4.14.9 |
| Info |
|---|
Subscribe to our security and critical updates mailing list if you would like to receive updates about announcements like this per email. |
...
Affected apps | Vulnerability criteria | Fixes |
|---|---|---|
Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Data Center Kantega SAML SSO OIDC Kerberos Single Sign-on for Jira Server | Your installation is vulnerable if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport backports version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Data Center Kantega SAML SSO OIDC Kerberos Single Sign-on for Confluence Server | Your installation is vulnerable to the exploit if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Data Center Kantega SAML SSO OIDC Kerberos Single Sign-on for Bitbucket Server | Your installation is vulnerable if all the following statements are true:
| Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Server Kantega SAML SSO OIDC Kerberos Single Sign-on for Bamboo Data Center | Your installation is vulnerable to the exploit if all the following statements are true:
Same as for Server, but only versions between 5.6.2 - 6.19.0 | Option 1: Update Kantega SSO Enterprise to version >= 6.20.0 or to backport version 5.11.5 or version 4.14.9 Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
Your installation is vulnerable if all the following statements are true:
| Option 1: Downgrade Update Kantega SSO Enterprise to version 4. 4.1 or temporarily workaround and wait for update to 4.14.9 (we are working on a backport, it will be available soon) Option 2: Disable POST binding in advanced SAML settings and use default redirect binding Option 3: Configure a new Identity provider using OpenID Connect and disable SAML |
...
Please raise a ticket in our help center send an email to security@kantega-sso.com if you have any questions or concerns.
| Info |
|---|
Changelog Update summary table with CVE ID More updates about backport version 4.14.9 Updates about backport version and support contact, and more details Updates about remediation Initial publication |
...