Improper Authentication in mod_auth_mellon - CVE-2019-3878
Published: March 28, 2019
Vulnerability identifier: #VU18091
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-3878
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: UNINETT
Affected software:
mod_auth_mellon
mod_auth_mellon
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when processing certain headers. A remote attacker can add special HTTP headers that are normally used to start the special SAML ECP, bypass authentication process and gain unauthorized access to the application.
Successful exploitation of the vulnerability requires that Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users.
How to mitigate CVE-2019-3878
Install updates from vendor's website.