GitLab released patches for a critical flaw in Community and Enterprise Editions that could allow authentication bypass. The vulnerability in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0) could let an attacker log in as any user in the affected system. It was fixed by the maintainers last week.
The issue arises from the library not verifying the SAML Response’s signature correctly. SAML, or Security Assertion Markup Language, is a protocol for single sign-on (SSO) and sharing authentication and authorization data between applications.
By infosecbulletin
/ Thursday , September 19 2024
GitLab released patches for a critical flaw in Community and Enterprise Editions that could allow authentication bypass. The vulnerability in...
Read More
By infosecbulletin
/ Thursday , September 19 2024
On September 16, 2024, Globe Pharmaceuticals Ltd., a major pharmaceutical company in Bangladesh, was hit by a ransomware attack detected...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
The FBI has alerted that cyber actors have compromised over 260,000 internet-connected devices, mainly routers, to form a large botnet...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Google has released Chrome 129 for Windows, Mac, and Linux users. The update will be available gradually over the next...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Broadcom has fixed a serious VMware vCenter Server vulnerability that allows attackers to execute remote code on unpatched servers through...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Ransomware groups like BianLian and Rhysida use Microsoft's Azure Storage Explorer and AzCopy to steal data from hacked networks and...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
Apple has released iOS 18, the latest update for iPhones and iPads. Along with new features, it mainly focuses on...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
CISA has warned Microsoft Windows MSHTML Platform Spoofing Vulnerability and Progress WhatsUp Gold SQL Injection Vulnerability actively exploited security flaws,...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
Cybersecurity researcher Jeremiah Fowler found a non-password-protected database with 780,000 records from FleetPanda, a tech provider for dispatch management. The...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
A recent dark web scan revealed that customer data from Dhaka Electric Supply Company Limited (DESCO) has been exposed. The...
Read More
“An unauthenticated attacker with access to any signed SAML document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents, according to a security advisory. “This would allow the attacker to log in as arbitrary user within the vulnerable system.”
“The vulnerability also affects omniauth-saml, which has released its own update (version 2.2.1) to fix ruby-saml to version 1.17.” “The latest patch from GitLab is designed to update omniauth-saml to version 2.2.1 and ruby-saml to 1.17.0.”
GitLab is advising users to enable two-factor authentication (2FA) for all accounts and prevent the SAML two-factor bypass option.
“Successful exploitation attempts will trigger SAML related log events,” it said. “A successful exploitation attempt will log whatever extern_id value is set by the attacker attempting exploitation.”
“Unsuccessful exploitation attempts may generate a ValidationError from the RubySaml library. This could be for a variety of reasons related to the complexity of crafting a working exploit.”
“Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five new security flaws to its Known Exploited Vulnerabilities (KEV) catalog, including a serious bug affecting Apache HugeGraph-Server (CVE-2024-27348, CVSS score: 9.8), with evidence showing it is actively being exploited.”