Bug 1907732 (CVE-2020-27847)
Summary: | CVE-2020-27847 dexidp/dex: authentication bypass in SAML authentication | |
---|---|---|---
Product: | [Other] Security Response | Reporter: | Jason Shepherd <jshepherd>
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team>
Status: | CLOSED WONTFIX | QA Contact: |
Severity: | urgent | Docs Contact: |
Priority: | urgent | |
Version: | unspecified | CC: | gghezzo, gparvin, jramanat, jweiser, stcannon, thee
Target Milestone: | --- | Keywords: | Security
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | dex 2.27.0 | Doc Type: | If docs needed, set a value
Doc Text: | A vulnerability exists in the SAML connector of the github.com/dexidp/dex library, in the code that performs SAML signature validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality and integrity, as well as system availability. | |
Story Points: | --- | |
Clone Of: | | Environment: |
Last Closed: | 2020-12-17 09:56:17 UTC | Type: | ---
Regression: | --- | Mount Type: | ---
Documentation: | --- | CRM: |
Verified Versions: | | Category: | ---
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: |
Cloudforms Team: | --- | Target Upstream Version: |
Embargoed: | | |
Bug Depends On: | 1907747, 1907748 | |
Bug Blocks: | 1907616 | |
Description

Jason Shepherd, 2020-12-15 04:51:45 UTC

External References:
https://github.com/dexidp/dex/security/advisories/GHSA-m9hp-7r99-94h5
https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/

Statement: Red Hat Advanced Cluster Management for Kubernetes 2.1 packages the dexidp/dex library in observatorium-container for use in testing. In production, this library and its functionality are not used, and can not be reached by an attacker. Thus, the severity of this vulnerability has been downgraded for this product. A future update will remove this dependency.

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27847