
SAML Vulnerability VU475445


Article ID: 104045


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On


We are using CA Federation Manager for our SAML-based SSO solution. The vulnerabilities below around SAML have been brought to our attention; do these affect CA Single Sign-On?
CVE-2017-11427 - OneLogin’s "python-saml"
CVE-2017-11428 - OneLogin’s "ruby-saml"
CVE-2017-11429 - Clever’s "saml2-js"
CVE-2017-11430 - "OmniAuth-SAML"
CVE-2018-0489 - Shibboleth openSAML C++
CVE-2018-5387 - Wizkunde SAMLBase

Regards,
Akshat


CA Single Sign-On R12.7


CA published an advisory confirming that these vulnerabilities do not affect CA Single Sign-On:

The CA Single Sign-On team has reviewed information related to the SAML federation vulnerability stemming from incorrect XML canonicalization and DOM traversal described here:

The results of testing have demonstrated that CA Single Sign-On, and the previously named CA Federation, is not affected by this vulnerability.

If you need to subscribe to these notifications, you can do it by selecting the Single Sign-On notifications at the following link: