CVE-2020-27846

Summary

A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Affected Software

VendorProductVersion RangeStatus
n/acrewjam/samlgrafana-7.3.6, grafana-7.2.3, grafana-6.7.5, github.com/crewjam/saml-0.4.3affected

Weaknesses

  • CWE-115: CWE-115

ADP Enrichment

CVE Program Container

Additional References

References