Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by Duo Security
VAR-201904-1492
Vulnerability from variot - Updated: 2023-12-18 12:50Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. Duo Network Gateway Contains an authentication vulnerability.Information may be tampered with. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. Duo Network Gateway (DNG) is an access control software developed by Duo Corporation in the United States for accessing internal web applications. An authentication bypass vulnerability exists in versions prior to DNG 1.2.10
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1492",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "duo network gateway",
"scope": "lte",
"trust": 1.8,
"vendor": "cisco",
"version": "1.2.9"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "clever",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "duo security",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "omniauth",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "onelogin",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pulse secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "shibboleth consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wizkunde b v",
"version": null
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.6"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.5"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.4"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.3"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.2"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.1"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.1"
},
{
"model": "network gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "duo",
"version": "1.0"
},
{
"model": "network gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "duo",
"version": "1.2.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#475445"
},
{
"db": "BID",
"id": "103178"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:duo_network_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.2.9",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7340"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kelby Ludwig of Duo Security",
"sources": [
{
"db": "BID",
"id": "103178"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
],
"trust": 0.9
},
"cve": "CVE-2018-7340",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7340",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-137372",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "security@duo.com",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7340",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-7340",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "security@duo.com",
"id": "CVE-2018-7340",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-103",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-137372",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137372"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. Duo Network Gateway Contains an authentication vulnerability.Information may be tampered with. \nAn attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. Duo Network Gateway (DNG) is an access control software developed by Duo Corporation in the United States for accessing internal web applications. An authentication bypass vulnerability exists in versions prior to DNG 1.2.10",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"db": "CERT/CC",
"id": "VU#475445"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "BID",
"id": "103178"
},
{
"db": "VULHUB",
"id": "VHN-137372"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#475445",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2018-7340",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103",
"trust": 0.6
},
{
"db": "BID",
"id": "103178",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-137372",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#475445"
},
{
"db": "VULHUB",
"id": "VHN-137372"
},
{
"db": "BID",
"id": "103178"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"id": "VAR-201904-1492",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-137372"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:50:20.027000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Duo Finds SAML Vulnerabilities Affecting Multiple Implementations",
"trust": 0.8,
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"title": "Duo Network Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78891"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-347",
"trust": 1.1
},
{
"problemtype": "CWE-287",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137372"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"trust": 1.7,
"url": "https://www.kb.cert.org/vuls/id/475445"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7340"
},
{
"trust": 1.1,
"url": "https://duo.com/labs/psa/duo-psa-2017-003"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.8,
"url": "https://shibboleth.net/community/advisories/secadv_20180227.txt"
},
{
"trust": 0.8,
"url": "https://community.box.com/t5/box-product-news/recently-reported-saml-vulnerabilities-what-you-need-to-know-as/ba-p/52403"
},
{
"trust": 0.8,
"url": "https://www.okta.com/blog/2018/02/what-you-need-to-know-about-saml-vulnerability-research/"
},
{
"trust": 0.8,
"url": "https://www.cloudfoundry.org/blog/vu475445"
},
{
"trust": 0.8,
"url": "https://github.com/crewjam/saml/pull/140"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7340"
},
{
"trust": 0.8,
"url": "https://www.kb.cert.org/vuls/id/475445/"
},
{
"trust": 0.3,
"url": "https://duo.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#475445"
},
{
"db": "VULHUB",
"id": "VHN-137372"
},
{
"db": "BID",
"id": "103178"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#475445"
},
{
"db": "VULHUB",
"id": "VHN-137372"
},
{
"db": "BID",
"id": "103178"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-27T00:00:00",
"db": "CERT/CC",
"id": "VU#475445"
},
{
"date": "2019-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-137372"
},
{
"date": "2018-02-27T00:00:00",
"db": "BID",
"id": "103178"
},
{
"date": "2019-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"date": "2019-04-17T15:29:00.640000",
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"date": "2018-03-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-05T00:00:00",
"db": "CERT/CC",
"id": "VU#475445"
},
{
"date": "2020-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-137372"
},
{
"date": "2018-02-27T00:00:00",
"db": "BID",
"id": "103178"
},
{
"date": "2019-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015272"
},
{
"date": "2020-10-02T14:44:32.147000",
"db": "NVD",
"id": "CVE-2018-7340"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal",
"sources": [
{
"db": "CERT/CC",
"id": "VU#475445"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-103"
}
],
"trust": 0.6
}
}
CVE-2018-7340 (GCVE-0-2018-7340)
Vulnerability from cvelistv5 – Published: 2019-04-17 14:01 – Updated: 2024-08-05 06:24- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://duo.com/blog/duo-finds-saml-vulnerabiliti… | x_refsource_MISC |
| https://www.kb.cert.org/vuls/id/475445 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Duo Security | Duo Network Gateway |
Affected:
unspecified , < 1.2.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:11.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/475445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Duo Network Gateway",
"vendor": "Duo Security",
"versions": [
{
"lessThan": "1.2.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kelby Ludwig of Duo Security"
}
],
"descriptions": [
{
"lang": "en",
"value": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-17T14:01:03.000Z",
"orgId": "7cd4c57f-0a88-4dda-be53-70336b413766",
"shortName": "duo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/475445"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@duo.com",
"ID": "CVE-2018-7340",
"STATE": "PUBLIC",
"TITLE": "Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Duo Network Gateway",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.9"
}
]
}
}
]
},
"vendor_name": "Duo Security"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"name": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7cd4c57f-0a88-4dda-be53-70336b413766",
"assignerShortName": "duo",
"cveId": "CVE-2018-7340",
"datePublished": "2019-04-17T14:01:03.000Z",
"dateReserved": "2018-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:24:11.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-7340 (GCVE-0-2018-7340)
Vulnerability from nvd – Published: 2019-04-17 14:01 – Updated: 2024-08-05 06:24- CWE-287 - Improper Authentication
| URL | Tags |
|---|---|
| https://duo.com/blog/duo-finds-saml-vulnerabiliti… | x_refsource_MISC |
| https://www.kb.cert.org/vuls/id/475445 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Duo Security | Duo Network Gateway |
Affected:
unspecified , < 1.2.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:11.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/475445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Duo Network Gateway",
"vendor": "Duo Security",
"versions": [
{
"lessThan": "1.2.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Kelby Ludwig of Duo Security"
}
],
"descriptions": [
{
"lang": "en",
"value": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-17T14:01:03.000Z",
"orgId": "7cd4c57f-0a88-4dda-be53-70336b413766",
"shortName": "duo"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/475445"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@duo.com",
"ID": "CVE-2018-7340",
"STATE": "PUBLIC",
"TITLE": "Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Duo Network Gateway",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.9"
}
]
}
}
]
},
"vendor_name": "Duo Security"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Kelby Ludwig of Duo Security"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations",
"refsource": "MISC",
"url": "https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations"
},
{
"name": "https://www.kb.cert.org/vuls/id/475445",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/475445"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7cd4c57f-0a88-4dda-be53-70336b413766",
"assignerShortName": "duo",
"cveId": "CVE-2018-7340",
"datePublished": "2019-04-17T14:01:03.000Z",
"dateReserved": "2018-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:24:11.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}