CVE-2012-2351

critical

Description

The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of other SAML IdP servers by using the same internal username.

References

Advisories
More

http://www.openwall.com/lists/oss-security/2012/05/12/4

http://www.openwall.com/lists/oss-security/2012/05/11/9

http://www.debian.org/security/2012/dsa-2467

https://bugs.launchpad.net/mahara/+bug/932909

http://gitorious.org/mahara/mahara/commit/f07be6020e70fa8f53cd77fdcd63e7fd7ff8aaea

Details

Source: Mitre, NVD

Published: 2012-07-12

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00331