Oracle Fusion Middleware 12c (12.2.1.3.0) WebLogic SAML Issues
Posted by deepcore on July 22, 2018 – 12:14 am
Two vulnerabilities were discovered within the Oracle WebLogic SAML service provider authentication mechanism. By inserting an XML comment into the SAML NameID tag, an attacker can coerce the SAML service provider to log in as another user. Additionally, WebLogic does not require signed SAML assertions in the default configuration. By omitting the signature portions from a SAML assertion, an attacker can craft an arbitrary SAML assertion and bypass the authentication mechanism.
Post a reply
You must be logged in to post a comment.