How severe is CVE-2021-3051?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2021-3051?

This is classified as CWE-347, which is a common weakness in software security.

CVE-2021-3051

HIGH Year: 2021

CVSS v3 Score

8.1

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-347

View all →

Vulnerability Description

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 1578677; Cortex XSOAR 6.0.2 builds earlier than 1576452; Cortex XSOAR 6.1.0 builds earlier than 1578663; Cortex XSOAR 6.2.0 builds earlier than 1578666. All Cortex XSOAR instances hosted by Palo Alto Networks are protected from this vulnerability; no additional action is required for these instances.

CVE-2017-16852

HIGH

CVSS:8.1(High)

shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and do...

CWE-3472017

CVE-2017-16853

HIGH

CVSS:8.1(High)

The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and ...

CWE-3472017

CVE-2017-18122

HIGH

CVSS:8.1(High)

A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more tha...

CWE-3472017

CVE-2018-7711

HIGH

CVSS:8.1(High)

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accep...

CWE-3472018

CVE-2022-23610

HIGH

CVSS:8.1(High)

wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and im...

CWE-3472022

CVE-2022-39299

HIGH

CVSS:8.1(High)

Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A su...

CWE-3472022

CVE-2021-3051

Vulnerability Description

Related Vulnerabilities

CVE-2017-16852

CVE-2017-16853

CVE-2017-18122

CVE-2018-7711

CVE-2022-23610

CVE-2022-39299