PT-2022-15897 · Sysaid · Sysaid

Published: 2022-06-24 · Updated: 2022-07-07 · CVE-2022-23170

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SysAid - Okta SSO integration (affected versions not specified)
Description: SysAid's Okta SSO integration is vulnerable to XML External Entity (XXE) injection. An unauthenticated attacker can exploit it by sending a crafted POST request to the SAML endpoint that consumes identity-provider responses. That endpoint is discoverable without credentials: starting the SSO login flow yields a SAMLRequest parameter, and decoding it (base64, plus DEFLATE for the redirect binding) exposes the AuthnRequest whose AssertionConsumerServiceURL attribute names the endpoint. Because the XML parser behind that endpoint resolves external entities, the attacker can typically read files from the application server's filesystem and make the server issue requests to back-end or external systems. In some deployments this can be escalated to a compromise of the underlying server or back-end infrastructure by using the XXE to perform server-side request forgery (SSRF).
Recommendations: At the time of writing there is no information about a release that fixes this vulnerability. Until one is available, standard XXE hardening applies: configure the XML parser that handles SAML messages to reject DOCTYPE declarations and to disable external entity and external DTD resolution, and restrict the application server's outbound connectivity so that an SSRF through the parser reaches as little as possible.
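The following Python script is an added illustration, not code from this page, from SysAid or from Okta. It shows both halves of the description: the reconnaissance step of reading AssertionConsumerServiceURL out of a SAMLRequest parameter (HTTP-Redirect binding: raw DEFLATE, base64, URL-encoding, with a fallback to plain base64 for the POST binding), and a pre-parse check on the receiving side that refuses any SAML message carrying a DOCTYPE or ENTITY declaration, which is the precondition an XXE payload needs. The hostname, the sample AuthnRequest and both sample responses are constructed for the example; none of them is SysAid's real endpoint or parser.

```python
import base64
import re
import urllib.parse
import zlib
import xml.etree.ElementTree as ET
from typing import Optional

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample AuthnRequest, as a SAML service provider sends it to its IdP.
# The hostname is an assumption for illustration, not a real SysAid or Okta endpoint.
SAMPLE_AUTHN_REQUEST = (
    f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="_req1" Version="2.0" '
    'IssueInstant="2022-06-24T00:00:00Z" '
    'AssertionConsumerServiceURL="https://sysaid.example.test/sso/acs" '
    'ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>'
)

# Constructed SAMLResponse bodies: one benign, one carrying the DTD an XXE payload relies on.
BENIGN_RESPONSE = (
    f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_resp1" Version="2.0">'
    '<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>'
    '</samlp:Response>'
).encode()

XXE_RESPONSE = (
    '<?xml version="1.0"?>'
    '<!DOCTYPE r [<!ENTITY ext SYSTEM "file:///etc/passwd">]>'
    f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_resp2" Version="2.0">&ext;</samlp:Response>'
).encode()


def encode_saml_request(xml_text: str) -> str:
    """Encode as the HTTP-Redirect binding does: raw DEFLATE, then base64, then URL-encode."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # wbits=-15: raw DEFLATE, no zlib header
    raw = comp.compress(xml_text.encode()) + comp.flush()
    return urllib.parse.quote(base64.b64encode(raw).decode(), safe="")


def decode_saml_request(param: str) -> str:
    """Reverse a SAMLRequest parameter value; falls back to plain base64 (HTTP-POST binding)."""
    data = base64.b64decode(urllib.parse.unquote(param))
    try:
        return zlib.decompress(data, -15).decode()
    except zlib.error:
        return data.decode()


def extract_acs_url(authn_request_xml: str) -> Optional[str]:
    """The reconnaissance step from the description: read AssertionConsumerServiceURL."""
    return ET.fromstring(authn_request_xml).get("AssertionConsumerServiceURL")


# Matches the declarations an XXE payload needs; SAML 2.0 messages must not carry a DTD at all.
_DTD_MARKER = re.compile(rb"<!\s*(DOCTYPE|ENTITY)\b", re.IGNORECASE)


def reject_dtd(xml_bytes: bytes) -> None:
    """Refuse any message with a DTD before it reaches the XML parser."""
    if _DTD_MARKER.search(xml_bytes):
        raise ValueError("DOCTYPE/ENTITY declaration in SAML message; refusing to parse")


def form_post(saml_response_xml: bytes) -> str:
    """Build the urlencoded body an IdP (or an attacker) would POST to the ACS endpoint."""
    return urllib.parse.urlencode({"SAMLResponse": base64.b64encode(saml_response_xml).decode()})


def parse_saml_response(post_body: str) -> ET.Element:
    """Receiving side: decode SAMLResponse, reject DTDs, and only then parse the XML."""
    form = urllib.parse.parse_qs(post_body)
    xml_bytes = base64.b64decode(form["SAMLResponse"][0])
    reject_dtd(xml_bytes)
    return ET.fromstring(xml_bytes)


def acs_accepts(post_body: str) -> bool:
    """True if the hardened endpoint parses the message, False if the DTD check rejects it."""
    try:
        parse_saml_response(post_body)
        return True
    except (ValueError, ET.ParseError):
        return False


if __name__ == "__main__":
    param = encode_saml_request(SAMPLE_AUTHN_REQUEST)
    print("ACS URL recovered from SAMLRequest:", extract_acs_url(decode_saml_request(param)))
    print("benign SAMLResponse accepted:", acs_accepts(form_post(BENIGN_RESPONSE)))
    print("XXE SAMLResponse accepted:", acs_accepts(form_post(XXE_RESPONSE)))
```

The pre-parse regex is deliberately a blunt instrument: it rejects before any parser runs, so it holds regardless of which XML library sits behind the endpoint. In a real deployment it complements, rather than replaces, disabling DOCTYPE and external-entity handling in the parser configuration itself.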

XXE


Weakness Enumeration

Related Identifiers: CVE-2022-23170

Affected Products: Sysaid