Operational Defect Database

BugZero found this defect 164 days ago.

F5 | 1381689

SAML SP does not properly sign the SAML Auth Request sent to SAML IdP when http-redirect with detached signature

Last update date:

5/16/2024

Affected products:

BIG-IP

BIG-IP APM

Affected releases:

17.1.0.2

17.1.0.3

17.1.1

17.1.1.1

17.1.1.2

17.1.1.3

Fixed releases:

No fixed releases provided.

Description:

Bug ID 1381689: SAML SP does not properly sign the SAML Auth Request sent to SAML IdP when http-redirect with detached signature ... Last Modified: May 16, 2024 ... Affected Product(s): ... The SAML Auth Request signature is invalid. ... Impact ... SAML Auth req not signed properly which breaks the saml flow and impacts accessing the resources ... Conditions ... -- SAML sp configured with signed authn request -- SSO binding is set to http-redirect -- want-detached-signature is set to true

Additional Resources / Links

Original Vendor Announcement

BugZero® Risk Score

What's this?

Coming soon

Status

Verified

Search:

...