PT-2019-10284 · Zendesk · Zendesk Samlr

Watikri

Published

2019-07-26

Updated

2019-08-01

CVE-2018-20857

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Zendesk Samlr versions prior to 2.6.2

Description: The issue allows an XML nodes comment attack, where an attacker can manipulate the name id node by including a comment () followed by the attacker's domain name, potentially allowing for malicious activities. This can be initiated by setting up a name id node with an email address, such as user@example.com, followed by the comment and the attacker's domain.

Recommendations: For versions prior to 2.6.2, update to version 2.6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of XML nodes comments in the name id node to minimize the risk of exploitation.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-20857

GHSA-QPXP-5J56-GG3X

Affected Products

Zendesk Samlr

PT-2019-10284 · Zendesk · Zendesk Samlr

CVE-2018-20857

Weakness Enumeration

Related Identifiers

Affected Products

References · 8