CVE-2017-11427

HIGH

OneLogin python-saml <= 2.3.0 - Authentication Bypass

Title source: rule

Description

OneLogin PythonSAML 2.3.0 and earlier may use the results of XML DOM traversal and canonicalization APIs inconsistently: the XML signature is verified over the canonicalized form of the assertion, while identity fields such as NameID are read back by walking the DOM. An attacker can therefore alter what the DOM traversal returns (for example, the text of NameID) without changing the canonical form that the signature covers, so the signature still validates and the attacker may bypass authentication to SAML service providers.
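The divergence the description refers to is XML comment handling: canonicalization (exclusive C14N in XML-DSig, and the C14N 2.0 implementation in the Python standard library) omits comments, so `user@example.com<!---->.evil.com` and `user@example.com.evil.com` hash to the same bytes, whereas a DOM API sees the comment as a child node that splits the NameID text and returns only the first text node. The following is an added example, not code from this page or from python-saml, written against the standard library only. The assertion fragment, the key and the account names are constructed for illustration (no SAML namespaces, to keep it short), and an HMAC over the canonical bytes stands in for the real RSA XML-DSig signature; the point is that the signed input is the canonical form. `name_id_naive` reproduces the vulnerable lookup (lxml's `Element.text` behaves the same way when a comment follows the text), `name_id_safe` shows a hardened extraction.

```python
"""Added example: canonicalization drops XML comments, DOM traversal does not.

Requires Python 3.8+ for xml.etree.ElementTree.canonicalize.
"""
import hashlib
import hmac
from xml.dom import minidom
from xml.etree import ElementTree as ET

# Constructed sample: an assertion fragment legitimately issued by the IdP
# for the attacker's own account, user@example.com.evil.com.
ISSUED = (
    "<Assertion>"
    "<Subject><NameID>user@example.com.evil.com</NameID></Subject>"
    "</Assertion>"
)

# The attacker re-submits the same fragment with an empty comment splitting
# the NameID text. Nothing else changes.
TAMPERED = ISSUED.replace(
    "user@example.com.evil.com", "user@example.com<!---->.evil.com"
)

# Hypothetical signing key shared by the stand-in IdP and SP.
KEY = b"idp-signing-key"


def canonical(xml: str) -> bytes:
    """Canonical form with comments removed, the input a verifier hashes."""
    return ET.canonicalize(xml, with_comments=False).encode()


def sign(xml: str) -> str:
    """Stand-in for the IdP signature: HMAC-SHA256 over the canonical bytes."""
    return hmac.new(KEY, canonical(xml), hashlib.sha256).hexdigest()


def verify(xml: str, sig: str) -> bool:
    """SP-side check: recompute over the canonical form and compare."""
    return hmac.compare_digest(sign(xml), sig)


def name_id_naive(xml: str) -> str:
    """Vulnerable pattern: return only the first text child of NameID."""
    node = minidom.parseString(xml).getElementsByTagName("NameID")[0]
    return node.firstChild.data


def name_id_safe(xml: str) -> str:
    """Hardened: refuse comments and join every text node, so the value
    returned is exactly the text the canonical (signed) form contains."""
    node = minidom.parseString(xml).getElementsByTagName("NameID")[0]
    parts = []
    for child in node.childNodes:
        if child.nodeType == child.COMMENT_NODE:
            raise ValueError("comment inside NameID")
        if child.nodeType in (child.TEXT_NODE, child.CDATA_SECTION_NODE):
            parts.append(child.data)
        else:
            raise ValueError("unexpected child node inside NameID")
    return "".join(parts)


def safe_rejects(xml: str) -> bool:
    """True if the hardened extraction refuses the document."""
    try:
        name_id_safe(xml)
    except ValueError:
        return True
    return False


def demo() -> dict:
    """Run the full exchange: IdP signs ISSUED, SP receives TAMPERED."""
    sig = sign(ISSUED)
    return {
        # True: the comment vanished during canonicalization.
        "tampered_signature_valid": verify(TAMPERED, sig),
        # 'user@example.com': the SP now logs the attacker in as someone else.
        "naive_identity": name_id_naive(TAMPERED),
        # The hardened lookup still works on the legitimate assertion...
        "safe_identity_issued": name_id_safe(ISSUED),
        # ...and refuses the tampered one.
        "safe_rejects_tampered": safe_rejects(TAMPERED),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The hardened version rejects comments rather than silently concatenating around them. Joining all text nodes alone would also return the full string here, but refusing any non-text child inside an identity element is the stricter check and is easier to reason about for the other element types (Audience, Conditions, attribute values) that the same bug class affects.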

Exploits (1)

Source: nomisec (working PoC, 12 stars)
Author: CHYbeta · poc
https://github.com/CHYbeta/CVE-2017-11427-DEMO

Scores

CVSS v3 7.7
EPSS 0.0254
EPSS Percentile 85.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Details

CWE
CWE-287
Status published
Products (2)
onelogin/pythonsaml <= 2.3.0
pypi/python-saml 0 - 2.4.0 (PyPI)
Published Apr 17, 2019
Tracked Since Feb 18, 2026