CVE-2017-12873
critical
CVSS v3
9.8
CVSS v2
7.5
VIR risk
9.8
Description
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2017-12873
Vendor advisory: cve@mitre.org — https://simplesamlphp.org/security/201612-04
Vendor advisory: cve@mitre.org — https://github.com/simplesamlphp/simplesamlphp/commit/90dca835158495b173808273e7df127303b8b953
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | 7.0 | affected | |
| debian | 8.0 | affected | |
| debian | 9.0 | affected | |
| debian | bookworm | fixed | 1.14.11-1 |
| debian | bullseye | fixed | 1.14.11-1 |
| debian | sid | fixed | 1.14.11-1 |
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | simplesamlphp/simplesamlphp | >=1.7.0,<1.14.11 | 1.14.11 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| simplesamlphp | simplesamlphp | {"startIncluding":"1.7.0","endIncluding":"1.14.10"} | |
References
- https://github.com/simplesamlphp/simplesamlphp/commit/90dca835158495b173808273e7df127303b8b953
- https://lists.debian.org/debian-lts-announce/2017/12/msg00007.html
- https://simplesamlphp.org/security/201612-04
- https://www.debian.org/security/2018/dsa-4127
- https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-gp2m-7cfp-h6gf
- https://nvd.nist.gov/vuln/detail/CVE-2017-12873
- https://github.com/FriendsOfPHP/security-advisories/blob/master/simplesamlphp/simplesamlphp/CVE-2017-12873.yaml
- https://security-tracker.debian.org/tracker/CVE-2017-12873
CWEs
CWE-384
Verify integrity in audit chain (admin only). AS-IS.