Summary

Acunetix 360 detected that the target application is vulnerable to SAML Response Signature Exclusion.

The web application uses SAML. The web application's SAML Consumer Service doesn't check a SAML Response signature when the Signature element is removed. An authenticated attacker may be able to use it to escalate privileges to a highly privileged user or to takeover accounts of other users in the application.

Impact

Account takeover and/or privilege escalation

Remediation

Change the configuration of the SAML service to require a valid signature for SAML Response.

Severity

High

Classification

CWE-16 ISO27001-a.14.2.5 WASC-15 OWASP 2013-A5 OWASP 2017-A6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H