CVE-2021-27736

Published: Apr 22, 2021Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via a forged AuthnRequest or LogoutRequest because parseFromBytes uses javax.xml.parsers.DocumentBuilderFactory unsafely.

Affected (1)

Products: Fusionauth: Saml V2

Fusionauth

1 product

Saml V2

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Fusionauth Saml V2	Before 0.5.4

Related CWEs

CWE-611

Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

References (6)

https://github.com/FusionAuth/fusionauth-samlv2/commit/c66fb689d50010662f705d5b585c6388ce555dbd

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/FusionAuth/fusionauth-samlv2/compare/0.5.3...0.5.4

Source: cve@mitre.org

PatchThird Party Advisory

https://www.compass-security.com/fileadmin/Research/Advisories/2021-03_CSNC-2021-004_FusionAuth_SAML_Library_XML_External_Entity.txt

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/FusionAuth/fusionauth-samlv2/commit/c66fb689d50010662f705d5b585c6388ce555dbd

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/FusionAuth/fusionauth-samlv2/compare/0.5.3...0.5.4

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://www.compass-security.com/fileadmin/Research/Advisories/2021-03_CSNC-2021-004_FusionAuth_SAML_Library_XML_External_Entity.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.