A vulnerability classified as problematic has been found in SimpleSAMLphp up to 1.14.11. Affected is the function SimpleSAML_Session of the component authcrypt Module. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality.

The bug was discovered 03/01/2017. The weakness was shared 09/01/2017 (Website). The advisory is available at simplesamlphp.org. This vulnerability is traded as CVE-2017-12872 since 08/15/2017. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. Technical details are known, but there is no available exploit. This vulnerability is assigned to T1592 by the MITRE ATT&CK project.

The vulnerability was handled as a non-public zero-day exploit for at least 184 days. During that time the estimated underground price was around $0-$5k. The vulnerability scanner Nessus provides a plugin with the ID 110817 (Debian DLA-1408-1 : simplesamlphp security update), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Debian Local Security Checks and running in the context l.

Upgrading eliminates this vulnerability. A possible mitigation has been published 11 months after the disclosure of the vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (110817). The entry 106070 is related to this item.

Productinfo

Name

• SimpleSAMLphp

Version

• 1.14.0
• 1.14.1
• 1.14.2
• 1.14.3
• 1.14.4
• 1.14.5
• 1.14.6
• 1.14.7
• 1.14.8
• 1.14.9
• 1.14.10
• 1.14.11

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion