Knowledge Base

Support Policies

SAML Vulnerability Disclosed by Duo (VU#475445)

Description:

On February 27, 2018, Duo disclosed a SAML vulnerability that could allow an attacker to authenticate as a different user.

 

Response:

After an internal security review, SecureAuth + Core Security can confirm no versions of SecureAuth or Core Security SAML products are affected by the SAML XML canonicalization and DOM traversal vulnerability (VU#475445). No action is required.

 

For any questions, please contact SecureAuth Support. You can also read more about this topic on our blog.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.