#VU22542 Improper validation of integrity check value in Cloud Access Manager


Published: 2019-11-06

Vulnerability identifier: #VU22542

Vulnerability risk: High

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-13496

CWE-ID: CWE-354

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cloud Access Manager
Other software / Other software solutions

Vendor: One Identity

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the affected software does not validate or incorrectly validates the integrity check values. A remote attacker can perform a man-in-the-middle (MitM) attack, bypass OTP, replace a failed SAML response with a successful SAML response and gain access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cloud Access Manager: 8.1 - 8.1.4

External links
http://github.com/FurqanKhan1/CVE-2019-13496
http://support.oneidentity.com/cloud-access-manager/kb/311391/cloud-access-manager-8-1-4-hotfix-1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


OpenSUSE Linux update for git
Gentoo update for Git
OpenSUSE Linux update for git
Red Hat update for git
Red Hat update for git
Arch Linux update for git
Arch Linux update for libgit2
Amazon Linux AMI update for git
Multiple vulnerabilities in One Identity Cloud Access Manager