Vulnerability Name: CVE-2017-1000433 (CCN-137259)

Assigned: 2017-09-09
Published: 2017-09-09
Updated: 2021-03-04
Summary: pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
CVSS v3 Severity: 8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
  7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): High
    Integrity (I): High
    Availability (A): High
  5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
  4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:R)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): Low
    Availability (A): None
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): Partial
  5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): Partial
    Availability (A): None
Vulnerability Type: CWE-287
Vulnerability Consequences: Bypass Security
References:

Source: MITRE
Type: CNA
CVE-2017-1000433

Source: XF
Type: UNKNOWN
pysaml2-cve20171000433-sec-bypass(137259)

Source: CCN
Type: pysaml2 GIT Repository
Running python with optimizations makes UsernamePasswordMako accept any password for any user #451

Source: CONFIRM
Type: Patch, Third Party Advisory, VDB Entry
https://github.com/rohe/pysaml2/issues/451

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180701 [SECURITY] [DLA 1410-1] python-pysaml2 security update

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210226 [SECURITY] [DLA 2577-1] python-pysaml2 security update

Source: GENTOO
Type: Issue Tracking, Third Party Advisory
GLSA-201801-11

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:pysaml2_project:pysaml2:*:*:*:*:*:*:*:* (Version <= 4.4.0)

Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20171000433 | V | CVE-2017-1000433 | 2022-05-22
oval:org.opensuse.security:def:58074 | P | Security update for xorg-x11-server (Important) | 2021-12-20
oval:org.opensuse.security:def:57140 | P | Security update for the Linux Kernel (Important) | 2021-12-06
oval:org.opensuse.security:def:58050 | P | Security update for java-1_8_0-openjdk (Important) | 2021-11-23
oval:org.opensuse.security:def:58040 | P | Security update for samba (Important) | 2021-11-19
oval:org.opensuse.security:def:57100 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important) | 2021-09-23
oval:org.opensuse.security:def:58009 | P | Security update for MozillaFirefox (Important) | 2021-09-22
oval:org.opensuse.security:def:58000 | P | Security update for bind (Moderate) | 2021-08-30
oval:org.opensuse.security:def:57971 | P | Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important) | 2021-07-21
oval:org.opensuse.security:def:57969 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) | 2021-07-21
oval:org.opensuse.security:def:57931 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important) | 2021-06-04
oval:org.opensuse.security:def:57897 | P | Security update for MozillaFirefox (Important) | 2021-04-27
oval:org.opensuse.security:def:56967 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important) | 2021-04-07
oval:org.opensuse.security:def:58090 | P | Security update for grub2 (Important) | 2021-03-02
oval:org.opensuse.security:def:57697 | P | davfs2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56567 | P | Recommended update for NetworkManager-vpnc (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57372 | P | Security update for hplip | 2020-12-01
oval:org.opensuse.security:def:56729 | P | Security update for MozillaFirefox (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56526 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:57765 | P | libXcursor1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56549 | P | Security update for ImageMagick (Important) | 2020-12-01
oval:org.opensuse.security:def:57412 | P | Security update for lzo | 2020-12-01
oval:org.opensuse.security:def:56927 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56566 | P | Security update for transfig (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57805 | P | libidn-tools on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57206 | P | Security update for Mozilla Firefox | 2020-12-01
oval:org.opensuse.security:def:56589 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57657 | P | DirectFB on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56527 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:57857 | P | libsystemd0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57246 | P | Security update for libtiff | 2020-12-01
oval:org.opensuse.security:def:56689 | P | Security update for MozillaFirefox, mozilla-nspr and mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:58114 | P | Security update for Cloud7 packages (Moderate) | 2020-12-01
oval:org.opensuse.security:def:80749 | P | Security update for Cloud7 packages (Moderate) | 2019-06-07
oval:org.opensuse.security:def:80709 | P | Security update for python-pysaml2 (Low) | 2018-05-09
oval:com.ubuntu.artful:def:20171000433000 | V | CVE-2017-1000433 on Ubuntu 17.10 (artful) - medium. | 2018-01-02
oval:com.ubuntu.xenial:def:20171000433000 | V | CVE-2017-1000433 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-01-02
oval:com.ubuntu.xenial:def:201710004330000000 | V | CVE-2017-1000433 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-01-02