
CVE-2015-5301: Ipsilon denial of service by deleting a SAML2 Service Provider (SP)

CVSS Score: 5.5

Basic Information

EPSS Score: 0.71517%
CWE: -
Published: 5/17/2022
Updated: 11/22/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
ipsilon      | pip       | >= 0.1.0, < 1.0.2   | 1.0.2
ipsilon      | pip       | >= 1.1.0, < 1.1.1   | 1.2.0

Vulnerability Intelligence
Miggo AI Root Cause Analysis

  1. The vulnerability description explicitly mentions providers/saml2/admin.py as the vulnerable component.
  2. The Red Hat Bugzilla report references line 309 of this file as the vulnerable code location.
  3. The upstream patch adds a permission check for 'admin' role before deletion, confirming the original code lacked authorization checks.
  4. While the exact function name isn't explicitly stated, the context indicates it's the SP deletion handler in the admin interface.
  5. The CWE-264 mapping (Permissions/Privileges) aligns with missing authorization checks in a deletion operation.

*. T** vuln*r**ility **s*ription *xpli*itly m*ntions provi**rs/s*ml*/**min.py *s t** vuln*r**l* *ompon*nt. *. T** R** **t *u*zill* r*port r***r*n**s lin* *** o* t*is *il* *s t** vuln*r**l* *o** lo**tion. *. T** upstr**m p*t** ***s * p*rmission ****k