HTTP: GitLab Community and Enterprise Edition SAML Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Gitlab. A successful attack can lead to security bypass.
Extended Description
The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3.
Affected Products
Gitlab gitlab
Short Name
HTTP:CTS:GITLAB-SAML-AUTH-BYPAS
Severity
Critical
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Authentication Bypass CVE-2024-45409 CVE-2025-25291 Community Edition Enterprise GitLab SAML and
Release Date
10/31/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3801
False Positive
Unknown
Vendors
Omniauth
Gitlab
Onelogin