Grafana Signature Verification Vulnerability (CVE-2020-27846)

Description

A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Remediation

References

CVE-2020-27846

Related Vulnerabilities

Apache Tomcat Other Vulnerability (CVE-2006-7197)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-7061)

MySQL CVE-2013-3811 Vulnerability (CVE-2013-3811)

MediaWiki Other Vulnerability (CVE-2005-1888)

Drupal Core 7.x Remote Code Execution (7.0 - 7.73)

Severity

Critical

Classification

CVE-2020-27846 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H