Fleet · Fleet · CVE-2025-27509
**Name of the Vulnerable Software and Affected Versions**
Fleet versions prior to 4.64.2
Fleet versions prior to 4.63.2
Fleet versions prior to 4.62.4
Fleet versions prior to 4.58.1
**Description**
The issue allows an attacker to craft a specially formed SAML response that forges authentication assertions. If Just-In-Time (JIT) provisioning is enabled, this can lead to the provisioning of a new administrative user account; if MDM enrollment is enabled, it can lead to the creation of new accounts tied to the forged assertions.
**Recommendations**
For versions prior to 4.64.2, update to version 4.64.2 or later.
For versions prior to 4.63.2, update to version 4.63.2 or later.
For versions prior to 4.62.4, update to version 4.62.4 or later.
For versions prior to 4.58.1, update to version 4.58.1 or later.
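The four fixed releases above are backport branches, so a scanner that simply flags everything below 4.64.2 will mis-report patched 4.63.2, 4.62.4 and 4.58.1 installs. The following Python helper is an added example, not Fleet's own code or tooling: it parses a reported Fleet version and decides whether it is covered by the fix, using only the fixed versions stated in this advisory. It assumes that a version is patched when it is at or above the fix in its own major.minor line or at or above the newest fix overall, and it treats release lines for which the advisory lists no fix (for example 4.59.x through 4.61.x) as affected; that last point is an interpretation of the advisory's "prior to" wording. The inventory at the bottom is constructed sample data.

```python
"""Decide whether a reported Fleet version is covered by the CVE-2025-27509 fix.

Added example, not Fleet's own code. The fixed versions come from the
advisory; the branch-aware comparison below is an interpretation of it.
"""
import re
from typing import Optional, Tuple

CVE_ID = "CVE-2025-27509"

# Fixed versions as listed in the advisory (each is a backport branch).
FIXED_VERSIONS = ("4.64.2", "4.63.2", "4.62.4", "4.58.1")

# Accepts "4.63.1", "v4.63.1" and "4.63.1-rc1"; only major.minor.patch is compared.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")

Version = Tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Parse a Fleet version string into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the advisory's affected ranges.

    A version is considered patched when it is at or above the newest fix
    (4.64.2) or at or above the fix published for its own major.minor line.
    Lines with no published fix (assumption: e.g. 4.60.x) remain affected.
    """
    v = parse_version(version)
    fixes = [parse_version(f) for f in FIXED_VERSIONS]
    if v >= max(fixes):
        return False
    for f in fixes:
        if v[:2] == f[:2] and v >= f:
            return False
    return True


def recommended_upgrade(version: str) -> Optional[str]:
    """Smallest fixed release newer than the given version, or None if not affected."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    candidates = [f for f in FIXED_VERSIONS if parse_version(f) > v]
    return min(candidates, key=parse_version)


def audit(inventory: dict) -> dict:
    """Map host name -> recommended upgrade for every affected host in an inventory."""
    findings = {}
    for host, version in inventory.items():
        target = recommended_upgrade(version)
        if target is not None:
            findings[host] = target
    return findings


if __name__ == "__main__":
    # Constructed sample inventory of Fleet servers and their reported versions.
    sample_inventory = {
        "fleet-prod-a": "v4.64.1",
        "fleet-prod-b": "4.64.2",
        "fleet-staging": "4.63.2",
        "fleet-legacy": "4.60.3",
        "fleet-lab": "4.57.9",
    }
    for host, target in audit(sample_inventory).items():
        print(f"{host}: affected by {CVE_ID}, upgrade to {target} or later")
```

Because the advisory only says "or later" for each branch, the helper deliberately picks the smallest fixed release newer than the running version, which keeps a 4.63.x install on its own line rather than forcing a jump to 4.64.2.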