CVE-2024-45409.md
#### 19-09-2024

**1. Description:**

- **Brief Summary:** Vulnerability in Ruby [[SAML]]. Allows an attacker to log in as an arbitrary user within the vulnerable system.
- **Technical Details:** Ruby [[SAML]] does not properly verify the signature of the [[SAML]] response. An unauthenticated attacker who holds any [[SAML]] document signed by the Identity Provider (IdP) can forge a [[SAML]] Response/Assertion with arbitrary content.
- **Severity Score:**
    - **CVSS v3.1 Base Score:** 10
    - **CVSS v3.1 Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
- **Affected Software/Versions:** Ruby-SAML <= 12.2, 1.13.0 through 1.16.0

**2. Related Information:**

- **CWE:** [CWE-347](http://cwe.mitre.org/data/definitions/347.html)

**3. Vulnerability Analysis:**

- **Impact:**
    - Unauthorized Access
- **Remediation:** Update GitLab & Ruby-SAML

**4. References:**

- **Official CVE Entry:** [Yes](https://nvd.nist.gov/vuln/detail/CVE-2024-45409)
- **Vendor Advisory:**
    - [Security Online](https://securityonline.info/gitlab-releases-critical-security-patch-for-cve-2024-45409-vulnerability/)
- **Other Relevant Resources:**
    - **POC**:
        - [Yes](https://securityonline.info/gitlab-releases-critical-security-patch-for-cve-2024-45409-vulnerability/)

**5. Notes (Optional):**

- **Additional Information:**
- **Timeline:**
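Since the remediation is a version upgrade, the first practical step is finding out which ruby-saml release an application actually resolves. The script below is an added example (not part of this note, and not code from the ruby-saml project): it reads a `Gemfile.lock`, extracts the resolved `ruby-saml` version and compares it against the affected ranges. The range boundaries (fixed in 1.12.3 and 1.17.0, i.e. vulnerable below 1.12.3 and from 1.13.0 up to but not including 1.17.0) are taken from the upstream advisory rather than from this note, and the lockfile fragment is constructed for the demo.

```ruby
# Added example: check a Gemfile.lock for a ruby-saml version affected by
# CVE-2024-45409. Not code from the original note or from ruby-saml itself.
require 'rubygems'

# Affected ranges. Assumption (from the upstream advisory, not this note):
# the fixed releases are 1.12.3 and 1.17.0, so everything below 1.12.3 and
# the 1.13.0 .. 1.16.x series are vulnerable.
VULNERABLE_RANGES = [
  Gem::Requirement.new('< 1.12.3'),
  Gem::Requirement.new('>= 1.13.0', '< 1.17.0')
].freeze

# True when the given version string falls inside one of the affected ranges.
def ruby_saml_vulnerable?(version_string)
  version = Gem::Version.new(version_string)
  VULNERABLE_RANGES.any? { |req| req.satisfied_by?(version) }
end

# Pull the resolved ruby-saml version out of Gemfile.lock text.
# Resolved gems sit under "specs:" indented by exactly four spaces, e.g.
# "    ruby-saml (1.15.0)". Returns nil when the gem is not present.
def ruby_saml_version_from_lockfile(lock_text)
  match = lock_text.match(/^ {4}ruby-saml \(([^)]+)\)/)
  match && match[1]
end

# Summarise a lockfile: whether ruby-saml is present, which version, and
# whether that version is in an affected range.
def check_lockfile(lock_text)
  version = ruby_saml_version_from_lockfile(lock_text)
  return { present: false, version: nil, vulnerable: false } unless version

  { present: true, version: version, vulnerable: ruby_saml_vulnerable?(version) }
end

# Constructed sample lockfile fragment for the demo (not a real project's file).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.16.7)
      ruby-saml (1.15.0)
        nokogiri (>= 1.13.10)
        rexml

  PLATFORMS
    ruby

  DEPENDENCIES
    ruby-saml
LOCK

if __FILE__ == $PROGRAM_NAME
  # Pass a real lockfile path as the first argument, otherwise use the sample.
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCK
  puts check_lockfile(text).inspect
end
```

Run it as `ruby check_ruby_saml.rb path/to/Gemfile.lock`; with no argument it evaluates the constructed sample, which resolves ruby-saml 1.15.0 and is therefore reported as vulnerable. Applications that vendor ruby-saml through another gem (for example omniauth-saml) still show the resolved `ruby-saml (x.y.z)` line under `specs:`, so the same check applies.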