CVE-2016-9814 : The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging improper conversion of return values to boolean.

Published 2017-02-17 02:59:14

Updated 2018-03-04 02:29:00

Source Debian GNU/Linux

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2016-9814

Simplesamlphp » Simplesamlphp
Versions up to, including, (<=) 1.14.9
cpe:2.3:a:simplesamlphp:simplesamlphp:*:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Simplesamlphp » Version: 1.10
cpe:2.3:a:simplesamlphp:simplesamlphp:1.10:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2
Versions up to, including, (<=) 1.9
cpe:2.3:a:simplesamlphp:saml2:*:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.0.0
cpe:2.3:a:simplesamlphp:saml2:2.0.0:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.0.1
cpe:2.3:a:simplesamlphp:saml2:2.0.1:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 1.10.1
cpe:2.3:a:simplesamlphp:saml2:1.10.1:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 1.10.2
cpe:2.3:a:simplesamlphp:saml2:1.10.2:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.3.2
cpe:2.3:a:simplesamlphp:saml2:2.3.2:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 1.10
cpe:2.3:a:simplesamlphp:saml2:1.10:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.3
cpe:2.3:a:simplesamlphp:saml2:2.3:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.3.1
cpe:2.3:a:simplesamlphp:saml2:2.3.1:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.1
cpe:2.3:a:simplesamlphp:saml2:2.1:*:*:*:*:*:*:*
Matching versions
Simplesamlphp » Saml2 » Version: 2.2
cpe:2.3:a:simplesamlphp:saml2:2.2:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-9814

EPSS FAQ

0.83%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 72 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-9814

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.5	HIGH	AV:N/AC:L/Au:N/C:N/I:P/A:C	10.0	7.8	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Complete
9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H	3.9	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High

CWE ids for CVE-2016-9814

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-9814

http://www.securityfocus.com/bid/94730

SimpleSAMLphp CVE-2016-9814 Security Bypass Vulnerability
Third Party Advisory;VDB Entry
https://simplesamlphp.org/security/201612-01

SimpleSAMLphp
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2018/03/msg00001.html

[SECURITY] [DLA 1297-1] simplesamlphp security update

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-9814

Products affected by CVE-2016-9814

Exploit prediction scoring system (EPSS) score for CVE-2016-9814

CVSS scores for CVE-2016-9814

CWE ids for CVE-2016-9814

References for CVE-2016-9814