Operational Defect Database

BugZero found this defect 18 days ago.

F5 | 1582765

SAML Single Logout should use 'SessionIndex' to disconnect SAML sessios

Last update date:

5/16/2024

Affected products:

BIG-IP

BIG-IP APM

Affected releases:

No affected releases provided.

Fixed releases:

No fixed releases provided.

Description:

Symptoms ... APM SAML IdP locates the external SAML SP connector matching 'EntityID' from configuration and 'Issuer' from SAML SLO request. ... This implementation may fail if an external SAML SP configures all its SAML SP objects with the same 'EntityID' and some of them initiates the SAML SLO. ... Impact ... SAML SLO fails

Additional Resources / Links

Original Vendor Announcement

BugZero® Risk Score

What's this?

Coming soon

Status

New

Search:

...