Symantec ASG And ProxySG Security Bypass [CVE-2018-5241]
CVE Number – CVE-2018-5241
Symantec ASG and ProxySG could allow a remote attacker to bypass security restrictions, caused by the improper handling of SAML responses that have XML nodes with comments. By modifying a valid SAML response without invalidating its cryptographic signature, a remote attacker could exploit this vulnerability to bypass SAML authentication security control.
ProxySG 6.5, 6.6, and 6.7 are vulnerable when authenticating network users in intercepted proxy traffic with a SAML authentication realm.
Patches and further details available here.
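The comment-handling problem described above, as an added Python example that is not Symantec's code and not part of the original advisory. It assumes, purely to illustrate the bug class, a consumer that reads only the first text node of an element, and compares that read with a full-text read plus a check that rejects responses containing comment nodes; the sample XML, function names and rejection policy are constructed for this example.

```python
from xml.dom import minidom  # demo only; parse untrusted XML with a hardened parser

# Constructed samples: minimal, unsigned stand-ins for a SAML assertion
# (no namespaces, no signature). Only the NameID element is modelled.
CLEAN = "<Assertion><Subject><NameID>user@example.com</NameID></Subject></Assertion>"
COMMENTED = ("<Assertion><Subject><NameID>user@example.com<!-- c -->.test"
             "</NameID></Subject></Assertion>")


def first_text_node(elem):
    """Fragile read: only the first child text node, so it stops at a comment."""
    child = elem.firstChild
    if child is not None and child.nodeType == child.TEXT_NODE:
        return child.data
    return ""


def full_text(elem):
    """Robust read: join every descendant text node, skipping comment nodes."""
    parts = []
    for node in elem.childNodes:
        if node.nodeType in (node.TEXT_NODE, node.CDATA_SECTION_NODE):
            parts.append(node.data)
        elif node.nodeType == node.ELEMENT_NODE:
            parts.append(full_text(node))
    return "".join(parts)


def comment_paths(node, path=""):
    """Paths of the elements that directly contain a comment node."""
    hits = []
    for child in node.childNodes:
        if child.nodeType == child.COMMENT_NODE:
            hits.append(path or "/")
        elif child.nodeType == child.ELEMENT_NODE:
            hits.extend(comment_paths(child, path + "/" + child.tagName))
    return hits


def check_response(xml_text):
    """Hypothetical policy: reject if any comment is present or the reads differ."""
    doc = minidom.parseString(xml_text)
    name_id = doc.getElementsByTagName("NameID")[0]
    first, full = first_text_node(name_id), full_text(name_id)
    comments = comment_paths(doc)
    return {"first": first, "full": full, "comments": comments,
            "accept": not comments and first == full}


if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("commented", COMMENTED)):
        print(label, check_response(sample))
```

A check like this belongs on the same parsed document the signature was verified against, so the value that is authorised is the value that was signed.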
Duncan is a technology professional with over 20 years' experience of working in various IT roles. He has an interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.