Shibboleth SSO Open Redirect

medium Web App Scanning Plugin ID 115106

Synopsis

Shibboleth SSO Open Redirect

Description

Shibboleth Service Provider (SP) contains an open redirect vulnerability. The SP's session handlers (for example the login and logout handlers served under /Shibboleth.sso) accept a caller-supplied destination URL, such as the 'target' and 'return' parameters, and send the browser there once the request has been processed. When the 'redirectLimit' option on the <Sessions> element is not set to a restrictive value, any destination is accepted, so an attacker can craft a link that points at the trusted SP hostname but lands the user on a site under the attacker's control. This can be exploited for phishing (a fake login page reached via a legitimate-looking institutional URL) or other malicious activities.

Solution

Configure the 'redirectLimit' option on the <Sessions> element of the Shibboleth SP configuration (shibboleth2.xml) to restrict where handlers may redirect, for example to the SP's own scheme, host and port ('exact'), to its host name ('host'), or to an explicit list of URL prefixes given in the companion 'redirectAllow' option ('allow', or the combined forms such as 'exact+allow'). Do not rely on the version default; check the linked documentation for the default that applies to the installed SP release and set the value explicitly.
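The following Python script is an added example for this page; it is not Tenable's plugin logic and not code from the Shibboleth project. It embeds two constructed shibboleth2.xml fragments (the weak configuration the plugin flags, and a hardened one using 'exact+allow' with an allow list), audits the <Sessions> element for the 'redirectLimit' setting, and emulates the documented destination check against a constructed phishing link of the form /Shibboleth.sso/Login?target=https://evil.example/. The emulation of the 'none', 'exact', 'host' and 'allow' modes is a simplified reading of the documentation, not the SP's implementation; the host names, entityID and allow-list entries are assumptions.

```python
"""Audit a Shibboleth SP configuration for the redirectLimit open-redirect
setting and emulate the destination check on sample handler requests.

Added example; neither Tenable's plugin code nor Shibboleth project code.
Both configuration fragments and the request URLs are constructed, and the
policy emulation is a simplified reading of the documented semantics.
"""
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlsplit

# Namespace used by shibboleth2.xml in SP 3.x.
NS = {"conf": "urn:mace:shibboleth:3.0:native:sp:config"}

# Constructed weak fragment: redirectLimit is absent, so on a release whose
# default is "none" the handlers follow any 'target'/'return' URL.
WEAK_CONFIG = """<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config">
  <ApplicationDefaults entityID="https://sp.example.edu/shibboleth">
    <Sessions lifetime="28800" timeout="3600" checkAddress="false"
              handlerSSL="true" cookieProps="https"/>
  </ApplicationDefaults>
</SPConfig>"""

# Constructed hardened fragment: same-origin redirects plus an explicit allow list.
HARDENED_CONFIG = """<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config">
  <ApplicationDefaults entityID="https://sp.example.edu/shibboleth">
    <Sessions lifetime="28800" timeout="3600" checkAddress="false"
              handlerSSL="true" cookieProps="https"
              redirectLimit="exact+allow"
              redirectAllow="https://portal.example.edu/ https://apps.example.edu/login"/>
  </ApplicationDefaults>
</SPConfig>"""


def audit_sessions_redirect(xml_text):
    """Return the redirectLimit value, the allow-list prefixes and a finding verdict."""
    root = ET.fromstring(xml_text)
    sessions = root.find(".//conf:Sessions", NS)
    if sessions is None:
        raise ValueError("no <Sessions> element found")
    limit = sessions.get("redirectLimit")
    # 'redirectWhitelist' is the older spelling of the allow-list attribute.
    allow = sessions.get("redirectAllow") or sessions.get("redirectWhitelist") or ""
    prefixes = allow.split()
    if limit is None:
        finding, reason = True, "redirectLimit not set; behaviour depends on the SP version default"
    elif limit == "none":
        finding, reason = True, 'redirectLimit="none" accepts any destination'
    else:
        finding, reason = False, "redirectLimit restricts destinations"
    return {"limit": limit, "prefixes": prefixes, "finding": finding, "reason": reason}


def redirect_permitted(limit, prefixes, request_url, destination):
    """Simplified emulation of the redirectLimit modes (an assumption, not SP code):
    none             - any destination
    exact            - same scheme, host and port as the handler request
    host             - same host name as the handler request, any scheme or port
    allow/whitelist  - destination starts with one of the configured prefixes
    Combined modes such as 'exact+allow' accept a destination satisfying either part."""
    modes = set((limit or "none").split("+"))
    if "none" in modes:
        return True
    req, dst = urlsplit(request_url), urlsplit(destination)
    if not dst.scheme and not dst.netloc:
        return True  # relative path, resolved against the SP itself
    # Note: a protocol-relative '//evil.example/' has a netloc, so it reaches the
    # checks below and is rejected unless it matches the request host or a prefix.
    if "exact" in modes and (dst.scheme, dst.hostname, dst.port) == (req.scheme, req.hostname, req.port):
        return True
    if "host" in modes and dst.hostname == req.hostname:
        return True
    if modes & {"allow", "whitelist"} and any(destination.startswith(p) for p in prefixes):
        return True
    return False


def check_handler_request(limit, prefixes, request_url):
    """Apply the policy to the 'target' (login) or 'return' (logout) parameter of a
    /Shibboleth.sso handler request. Returns None when no destination is supplied."""
    query = parse_qs(urlsplit(request_url).query)
    values = query.get("target") or query.get("return")
    if not values:
        return None
    return redirect_permitted(limit, prefixes, request_url, values[0])


if __name__ == "__main__":
    # Constructed attacker link: trusted SP host, attacker-chosen destination.
    PHISH = "https://sp.example.edu/Shibboleth.sso/Login?target=https://evil.example/login"
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        report = audit_sessions_redirect(cfg)
        followed = check_handler_request(report["limit"], report["prefixes"], PHISH)
        print(f"{name}: finding={report['finding']} ({report['reason']}); "
              f"phishing link followed={followed}")
```

Run it against a real shibboleth2.xml by passing the file contents to audit_sessions_redirect; an unset 'redirectLimit' is reported as a finding on purpose, because whether it is safe depends on the release default rather than on anything visible in the file. The 'exact' comparison treats an explicit ':443' as different from an omitted port, which is stricter than necessary but errs toward denial.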

See Also

https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065334342/Sessions

Plugin Details

Severity: Medium

ID: 115106

Type: remote

Published: 1/15/2026

Updated: 1/15/2026

Scan Template: basic, full, pci, scan

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: Tenable

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS Score Source: Tenable

Vulnerability Information

CPE: cpe:2.3:a:shibboleth:service_provider:*:*:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information