Bug 1907732 (CVE-2020-27847) - CVE-2020-27847 dexidp/dex: authentication bypass in saml authentication
Summary: CVE-2020-27847 dexidp/dex: authentication bypass in saml authentication
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2020-27847
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: urgent
Severity: urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1907747 1907748
Blocks: 1907616
Reported: 2020-12-15 04:51 UTC by Jason Shepherd
Modified: 2021-02-16 18:43 UTC (History)
CC List: 6 users

Fixed In Version: dex 2.27.0
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Clone Of:
Environment:
Last Closed: 2020-12-17 09:56:17 UTC


Description Jason Shepherd 2020-12-15 04:51:45 UTC
A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. An attacker can use this flaw to bypass SAML authentication.

Comment 4 Doran Moppert 2020-12-17 02:36:14 UTC
Statement:

Red Hat Advanced Cluster Management for Kubernetes 2.1 packages the dexidp/dex library in observatorium-container for use in testing. In production, this library and its functionality are not used, and cannot be reached by an attacker. Thus, the severity of this vulnerability has been downgraded for this product. A future update will remove this dependency.

Comment 5 Product Security DevOps Team 2020-12-17 09:56:17 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-27847
