CVE-2011-1411

EPSS 0.28%

opensaml2 - implementation error

Published: 5/17/2022Modified: 3/9/2026

Description

Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."

Affected packages (2)

Debian/opensaml2from 0, < 2.3-2+squeeze1
Maven/org.opensaml:opensaml>= 2.4.0, < 2.4.3

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2011-1411
WEBhttp://shibboleth.internet2.edu/secadv/secadv_20110725.txt
WEBhttp://www.debian.org/security/2011/dsa-2284
WEBhttp://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html