Security News > 2020 > December > Critical Golang XML parser bugs can cause SAML authentication bypass
This week, Mattermost, in coordination with Golang has disclosed 3 critical vulnerabilities within Go language's XML parser.
The XML round-trip vulnerabilities listed below lurk in Golang's XML language parser encoding/xml which doesn't return reliable results when encoding and decoding XML input.
Various SAML implementations, relying on the said XML parser can be tricked by attackers to bypass SAML authentication altogether.
Security Assertion Markup Language is a web authentication standard used by multiple, prominent websites and services to facilitate easier online sign-in that uses XML. "Because of these vulnerabilities, Go-based SAML implementations are in many cases open to tampering by an attacker: by injecting malicious markup to a correctly signed SAML message, it's possible to make it still appear correctly signed, but change its semantics to convey a different identity than the original document," warned Mattermost.
Should a mission-critical application be using the XML parser, the impact within an SAML SSO system can be privilege escalation or authentication bypass, depending on how the application is using the vulnerable XML parser.
News URL
Related news
- ASUS warns of critical remote authentication bypass on 7 routers (source)
- ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models (source)
- Docker fixes critical 5-year old authentication bypass flaw (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- Hackers target new MOVEit Transfer critical auth bypass bug (source)
- Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins (source)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110) (source)