A critical SAML authentication bypass flaw was recently identified in GitLab's Community Edition (CE) and Enterprise Edition (EE). Users running an affected version are urged to apply the GitLab patches promptly by updating to a secure version, as doing so drastically decreases threat exposure. In this article, we'll dive into the details of the flaw and the patches, covering its severity, root cause, and more.

The flaw carried a critical vulnerability severity score (CVSS) of 10.0, meaning that successful exploits could have given attackers significant benefits and allowed them to cause further damage. The root cause, and the reason patches were required, was that the library did not adequately verify the signatures of the SAML response. The ruby-saml library flaw, for which the GitLab patches have been released, is tracked as CVE-2024-45409.

In addition to these patches, OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0. It's worth mentioning that the issue only impacts self-managed instances; users of GitLab Dedicated instances therefore do not need to take any action.

GitLab patches fixing the flaw have now been released; had they not been, potential exploits of the flaw could have been detrimental. However, media reports have claimed that GitLab indicated exploit attempts, and successes, pertaining to the flaw for which the patches are released.

The critical SAML authentication bypass flaw posed a significant threat to GitLab's self-managed instances. While no active exploitation has been confirmed, applying the released GitLab patches is crucial for reducing potential risks.

The post GitLab Patches: Severe SAML Authentication Bypass Flaw Fixed appeared first on TuxCare.
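For administrators of self-managed instances who want to confirm which SAML gem versions a deployment actually resolves to, the following is an added example (not code from the TuxCare article, GitLab or the ruby-saml project). It parses the `specs:` section of a Gemfile.lock and flags `ruby-saml` and `omniauth-saml` entries below the fixed versions the article names (1.17.0 and 2.2.1). The lockfile excerpt is constructed for illustration; the comparison uses Ruby's standard `Gem::Version`.

```ruby
# Added example: audit a Gemfile.lock for SAML gems below the versions the
# article names as fixed. Not part of the original post or of GitLab's code.
require "rubygems"

# Minimum safe versions as stated in the article.
FIXED_VERSIONS = {
  "ruby-saml"     => Gem::Version.new("1.17.0"),
  "omniauth-saml" => Gem::Version.new("2.2.1"),
}.freeze

# Parse the "specs:" section of a Gemfile.lock into {name => Gem::Version}.
# Resolved gems sit at exactly four spaces of indentation as "name (version)";
# their dependency lines are indented further and carry constraints such as
# "(~> 1.4)", so they are deliberately not matched here.
def parse_lockfile_specs(lockfile_text)
  specs = {}
  lockfile_text.each_line do |line|
    m = line.match(/\A {4}([A-Za-z0-9_.\-]+) \(([^)]+)\)\s*\z/)
    next unless m
    specs[m[1]] = Gem::Version.new(m[2])
  end
  specs
end

# Return findings for every tracked gem that is present and below its fixed
# version. A gem that is absent from the lockfile is not reported.
def vulnerable_saml_gems(specs)
  FIXED_VERSIONS.each_with_object([]) do |(name, fixed), findings|
    installed = specs[name]
    next if installed.nil? || installed >= fixed
    findings << { gem: name, installed: installed.to_s, fixed: fixed.to_s }
  end
end

# Constructed sample lockfile excerpt (not taken from any real GitLab install).
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      nokogiri (1.16.0)
        racc (~> 1.4)
      omniauth-saml (2.1.0)
        omniauth (~> 2.1)
        ruby-saml (~> 1.12)
      ruby-saml (1.16.0)
        nokogiri (>= 1.13.10)
        rexml
LOCK

if $PROGRAM_NAME == __FILE__
  findings = vulnerable_saml_gems(parse_lockfile_specs(SAMPLE_LOCKFILE))
  if findings.empty?
    puts "SAML gems are at or above the fixed versions."
  else
    findings.each do |f|
      puts "#{f[:gem]} #{f[:installed]} is below fixed version #{f[:fixed]}"
    end
  end
end
```

Run it against a real lockfile by replacing `SAMPLE_LOCKFILE` with `File.read("Gemfile.lock")`; the check only covers the two gems the article names, so it complements, rather than replaces, upgrading the GitLab release itself.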
This Cyber News was published on securityboulevard.com. Publication date: Tue, 01 Oct 2024 11:13:07 +0000