Ecosyste.ms: Advisories

Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczd2YtY2Z4My02Z2N4

SAML authentication vulnerability due to stdlib XML parsing

Impact

Due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted document. This can result in allowing unverified logins from a SAML IdP.

Users that configure Fleet with SSO login may be vulnerable to this issue.

Patches

This issue is patched in 3.5.1 using https://github.com/mattermost/xml-roundtrip-validator.

Workarounds

If upgrade to 3.5.1 is not possible, users should disable SSO authentication in Fleet.

References

See https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/ for more information about the underlying vulnerabilities.

For more information

If you have any questions or comments about this advisory:

• Email us at [email protected]
• Join #fleet in osquery Slack

Permalink: https://github.com/advisories/GHSA-w3wf-cfx3-6gcx
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXczd2YtY2Z4My02Z2N4
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 3 years ago
Updated: almost 2 years ago

EPSS Percentage: 0.00561
EPSS Percentile: 0.77534

Identifiers: GHSA-w3wf-cfx3-6gcx, CVE-2020-26276
References:

• https://github.com/fleetdm/fleet/security/advisories/GHSA-w3wf-cfx3-6gcx
• https://nvd.nist.gov/vuln/detail/CVE-2020-26276
• https://github.com/fleetdm/fleet/commit/57812a532e5f749c8e18c6f6a652eca65c083607
• https://github.com/fleetdm/fleet/blob/master/CHANGELOG.md#fleet-351-dec-14-2020
• https://github.com/mattermost/xml-roundtrip-validator
• https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities
• https://github.com/advisories/GHSA-w3wf-cfx3-6gcx

Repository: https://github.com/fleetdm/fleet
Blast Radius: 0.0

Affected Packages