{"id":2351,"date":"2019-02-14T13:33:28","date_gmt":"2019-02-14T13:33:28","guid":{"rendered":"https:\/\/www.varutra.com\/blog\/?p=1945"},"modified":"2022-12-02T15:23:54","modified_gmt":"2022-12-02T09:53:54","slug":"vulnerabilities-related-to-saml-security-assertion-markup-language-part-1","status":"publish","type":"post","link":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/","title":{"rendered":"Vulnerabilities Related to SAML [Security Assertion Markup Language] \u2013 Part 1"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" width=\"1920\" height=\"1080\" src=\"https:\/\/varutra-1a3b6.kxcdn.com\/wp-content\/uploads\/2019\/02\/SAML-Copy-1024x583.png\"  class=\"sh-overlay-item sh-table-cell ls-is-cached lazyloaded\" data-rel=\"lightcase\" title=\"SAML Copy - Varutra Consulting\"><br \/>\n<strong><em>In this blog, we discuss what SAML (Security Assertion Markup Language) is and how it works, and then look at the common Security Assertion Markup Language vulnerabilities. In the second part of this blog we will see the actual exploitation of the SAML vulnerabilities, so let\u2019s get started.<\/em><\/strong><\/p>\n<p>&nbsp;<\/p>\n<h3><strong><u>What is SAML (Security Assertion Markup Language):<\/u><\/strong><\/h3>\n<p>SAML is the oldest standard, originally developed in 2001. SAML, pronounced \u201csam-el,\u201d stands for Security Assertion Markup Language. It is an open standard that covers both authentication and authorization.<\/p>\n<p>Security Assertion Markup Language is an XML-based open standard for exchanging authentication and authorization data between parties. SAML allows identity providers (IdPs) to pass authorization credentials to service providers (SPs). 
It\u2019s much simpler to manage one login per user than to manage separate logins to email, customer relationship management (CRM) software, applications, Active Directory, etc.<\/p>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/How-SSO-works.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1948\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/How-SSO-works.png\" alt=\"Working of SAML [Security Assertion Markup Language]\" width=\"693\" height=\"329\" \/><\/a><\/p>\n<p style=\"text-align: center\"><strong>Fig: Working of SAML<\/strong><\/p>\n<ul>\n<li>Identity Provider (IdP) &#8211; The software, tool or service that performs the authentication: checking usernames and passwords, verifying account status, invoking two-factor, etc.<\/li>\n<li>Service Provider (SP) &#8211; The web application the user is trying to gain access to.<\/li>\n<li>SAML Assertion &#8211; A message asserting a user\u2019s identity and often other attributes, sent over HTTP via browser redirects.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><strong><u>How Does a SAML Vulnerability Work:<\/u><\/strong><\/h3>\n<p>By modifying SAML body content without invalidating the cryptographic signature, a remote attacker or unauthenticated user may be able to bypass primary authentication for an affected SAML service provider. Put simply, an attacker who is able to create or successfully compromise an account could use this vulnerability to add XML comments inside an attribute value in order to gain access to another account, such as an administrator account.<\/p>\n<p>SAML authentication enables the sharing of identity information between an IdP and cloud or web applications. 
A SAML-based authentication model is composed of an identity provider (IdP), which is a producer of SAML assertions, such as <a href=\"https:\/\/safenet.gemalto.com\/access-management\/idaas-safenet-trusted-access\">SafeNet Trusted Access<\/a>, and a service provider (SP), which is a consumer of assertions, such as G-Suite, Office 365, and any other cloud application that supports SAML. SAML assertions are generally signed with a PKI-based digital signature, which lets the consumer confirm whether or not the assertion is authentic.<\/p>\n<p>An authentication service acting as identity provider (IdP) collects the user\u2019s credentials and returns a response to the cloud application being accessed. This response is called a SAML assertion, and it contains an accept or reject decision. If the SAML assertion is valid, the user is logged into the application.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong><u>How to Identify <em>Security Assertion Markup Language<\/em> Vulnerabilities:<\/u><\/strong><\/h3>\n<p><strong>SAML Raider:<\/strong><\/p>\n<p>SAML Raider is a Burp Suite extension for testing SAML infrastructure. It contains two core functionalities: manipulating SAML messages and managing X.509 certificates.<\/p>\n<p>It automatically highlights proxied requests containing SAML messages and adds a proxy tab showing the decoded payload. SAML Raider also adds a pane to Repeater which allows you to quickly issue popular signature wrapping attacks, and a Cert tab which makes cloning certificates easy: users can either clone the certificate outright or create a self-signed version of it.<\/p>\n<p><strong>Message Replay:<\/strong><\/p>\n<p>Assertions should contain a unique ID that is only accepted once by the application. 
Try replaying a SAML message and check whether the application creates multiple sessions from the same SAML response.<\/p>\n<p><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/2.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1952\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/2.png\" alt=\"Overview of SAML Vulnerabilities\" width=\"646\" height=\"456\" \/><\/a><\/p>\n<p style=\"text-align: center\"><strong>Fig: Overview of SAML<\/strong><\/p>\n<p style=\"text-align: left\"><strong>SAML from Different Recipient:<\/strong><\/p>\n<p style=\"text-align: left\">An application should only accept a SAML message intended for that service provider (SP) application. If the application does not perform this check, it may honor a SAML message generated by authenticating to another application and let you into the application as the user from that other application. If you have a valid login for another application which uses the same IdP, log in to the other service provider (SP) application and record the message. Then replay the message intended for the other SP to your target SP.<\/p>\n<p style=\"text-align: left\"><strong>XML External Entity (XXE):<\/strong><\/p>\n<p style=\"text-align: left\">A SAML message is just a user-provided XML message that is processed by the Service Provider (SP), so be sure to check all standard XML attack vectors, including XXE. XXE is a very common XML attack, and attackers frequently find it through SAML messages.<\/p>\n<p style=\"text-align: left\">Successful SAML attacks result in severe exploits such as replaying sessions and gaining unauthorized access to application functions, software and tools. SAML attacks are varied, but tools such as SAML Raider can help in detecting and exploiting all common SAML issues. By using these techniques, testers can improve their detection and correction of SAML vulnerabilities in applications. 
Also, in my next blog I will explain the actual exploitation of a SAML vulnerability (XXE).<\/p>\n<p>&nbsp;<\/p>\n<h3 style=\"text-align: left\"><strong><u>How to Exploit SAML Vulnerabilities:<\/u><\/strong><\/h3>\n<p style=\"text-align: left\">The likelihood of exploiting SAML vulnerabilities is low. Replaying expired messages and replaying messages meant for another application, software or tool will yield their own limited results. Most of the vulnerabilities described above allow an assertion to be tampered with, which leaves one last step to fully exploit the discovered SAML vulnerabilities: tampering with the SAML message in such a way that you can send your own assertions.<\/p>\n<p style=\"text-align: left\">The presence of this behavior is not good, but it is not always exploitable. SAML IdPs and SPs are generally very configurable, so there is lots of room for increasing or decreasing the impact.<\/p>\n<p style=\"text-align: left\">e.g.: In the SAML Response, change the UserId to a different, invalid user \u2013 sometimes an application will grant default permissions or higher privileges to an unmapped user.<\/p>\n<p style=\"text-align: left\"><a href=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/3.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1953\" src=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/3.png\" alt=\"SAML Response\" width=\"634\" height=\"207\" \/><\/a><\/p>\n<p>On the IdP side, openly allowing users to register accounts is one way to increase the impact of this issue by adding XML content, as covered in the second part. 
A manual user provisioning process may add a barrier to entry that makes exploitation less feasible.<\/p>\n<p>For the actual exploitation of the SAML vulnerability, I am going to write my second blog, so stay tuned.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong><u>How to Mitigate SAML Vulnerabilities:<\/u><\/strong><\/h3>\n<p>Remediation of this issue somewhat depends on what relationship you have with SAML.<\/p>\n<p>The best remediation is to ensure that the SAML processing libraries you use are not affected by this issue. Several SAML libraries have been identified that either leveraged these unintuitive XML APIs or did faulty manual text extraction, but surely there are more libraries out there that don&#8217;t handle comments in XML nodes well.<\/p>\n<p>The number of libraries affected by this vulnerability suggests that many developers also assume XML inner-text APIs are not affected by comments, so changing an API\u2019s behavior is one option. However, there is no single clear right answer for XML library authors, and a very reasonable action may be keeping the APIs as they are and improving the documentation surrounding this behavior.<\/p>\n<p>Another possible remediation is updating libraries to use the canonicalized XML document after signature validation for any further processing, such as text extraction; this could prevent this vulnerability and other vulnerabilities that could be introduced by XML canonicalization issues.<\/p>\n<p>Another possible remediation path is improving the XML standards. 
With my research, I did not identify any standards that specified the correct behavior, and it may be worth specifying how these related standards should interoperate with each other.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong><u>Security Best Practices for SAML:<\/u><\/strong><\/h3>\n<ul>\n<li>Validate the X.509 certificate for algorithm compatibility and strength of encryption.<\/li>\n<li>Validate strong authentication options for generating the SAML assertion and token.<\/li>\n<li>Validate the IdP (which IdP mints the token).<\/li>\n<li>Use trusted root CAs whenever possible.<\/li>\n<li>Synchronize to a common Internet-based time source.<\/li>\n<li>Define levels of assurance for user identity verification.<\/li>\n<li>Prefer asymmetric identifiers for identity assertions over personally identifiable information (e.g. SSNs).<\/li>\n<li>Use signed assertions whenever possible.<\/li>\n<li>Always validate session state for the user.<\/li>\n<li>Set the level of granularity for authorization context when consuming a SAML token (groups, roles, attributes).<\/li>\n<li>Validate authorized IdPs.<\/li>\n<li>Always validate IdP certificates for expiry and against CRL\/OCSP.<\/li>\n<li>Always validate NotBefore and NotOnOrAfter.<\/li>\n<li>Always define specific criteria for SAML logout.<\/li>\n<li>Exchange assertions only over secure transports.<\/li>\n<li>Always define criteria for session management.<\/li>\n<li>Validate signatures whenever possible.<\/li>\n<li>Always verify user identities obtained from SAML ticket assertions whenever possible.<\/li>\n<li>Ensure that all SAML providers\/consumers do proper <a href=\"https:\/\/www.owasp.org\/index.php\/Input_Validation_Cheat_Sheet\">input validation<\/a>.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><strong><u>Flaw Affects Multiple Vendors, Open-Source Libraries:<\/u><\/strong><\/h3>\n<p>OneLogin &#8211; python-saml &#8211; CVE-2017-11427<br \/>\nOneLogin &#8211; ruby-saml &#8211; CVE-2017-11428<br \/>\nClever &#8211; saml2-js &#8211; 
CVE-2017-11429<br \/>\nOmniAuth-SAML &#8211; CVE-2017-11430<br \/>\nShibboleth &#8211; CVE-2018-0489<br \/>\nDuo Network Gateway &#8211; CVE-2018-7340<\/p>\n<p>&nbsp;<\/p>\n<h3><strong><u>Conclusion:<\/u><\/strong><\/h3>\n<p>SAML is used in various companies and products as a Single Sign-On solution. Taking a closer look at SAML implementations and their history of known security vulnerabilities, it could be assessed that SAML can be considered secure if established security standards are met. In addition, it could be shown that Microsoft\u2019s implementation of a custom SAML 2.0 Web Browser SSO had been disregarding some of these security standards, such as validation of the security token against the Identity Provider. When security vulnerabilities were found in the Microsoft Office 365 SAML implementation, it raised the question of whether the vulnerability was caused by SAML or by Microsoft\u2019s implementation. In conclusion, it could be assessed that the cause of the security vulnerability in Microsoft Office 365 lay exclusively in a flawed implementation of SAML 2.0 Web Browser SSO, and was not related to any general flaw in SAML.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong><u>References:<\/u><\/strong><\/h3>\n<ul>\n<li><a href=\"https:\/\/www.owasp.org\/index.php\/SAML_Security_Cheat_Sheet\">https:\/\/www.owasp.org\/index.php\/SAML_Security_Cheat_Sheet<\/a><\/li>\n<li><a href=\"https:\/\/www.mediawiki.org\/wiki\/Extension:SimpleSamlAuth\">https:\/\/www.mediawiki.org\/wiki\/Extension:SimpleSamlAuth<\/a><\/li>\n<li><a href=\"https:\/\/www.oracle.com\/technetwork\/middleware\/webcenter\/portal\/learnmore\/wcp-saml2-federatedsso-wp-2857359.pdf\">https:\/\/www.oracle.com\/technetwork\/middleware\/webcenter\/portal\/learnmore\/wcp-saml2-federatedsso-wp-2857359.pdf<\/a><\/li>\n<li><a href=\"https:\/\/duo.com\/blog\/the-beer-drinkers-guide-to-saml\">https:\/\/duo.com\/blog\/the-beer-drinkers-guide-to-saml<\/a><\/li>\n<li><a 
href=\"https:\/\/www.splunk.com\/blog\/2017\/11\/20\/configuring-microsoft-s-azure-security-assertion-markup-language-saml-single-sign-on-sso-with-splunk-cloud-azure-portal.html\">https:\/\/www.splunk.com\/blog\/2017\/11\/20\/configuring-microsoft-s-azure-security-assertion-markup-language-saml-single-sign-on-sso-with-splunk-cloud-azure-portal.html<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Author,<\/p>\n<p><strong><em>Prafull Pansare<\/em><\/strong><\/p>\n<p><em>Attack &amp; PenTest Team<\/em><\/p>\n<p><em>Varutra Consulting Pvt. Ltd.<\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>In this blog, we are going to discuss about what is the SAML (Security Assertion Markup Language) and how it works as well as we&#8230;<\/p>\n","protected":false},"author":3,"featured_media":3219,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[259,140,284,273,57],"tags":[555,556,557],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.6.3 - aioseo.com -->\n\t\t<meta name=\"description\" content=\"SAML is the oldest standard, originally developed in 2001. 
Understand Security Assertion Markup Language Vulnerabilities &amp; Mitigation of SAML vulnerabilities.\" \/>\n\t\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t\t<link rel=\"canonical\" href=\"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/\" \/>\n\t\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.6.3\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Varutra Consulting\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"SAML [Security Assertion Markup Language] Vulnerabilities\" \/>\n\t\t<meta property=\"og:description\" content=\"SAML is the oldest standard, originally developed in 2001. Understand Security Assertion Markup Language Vulnerabilities &amp; Mitigation of SAML vulnerabilities.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"1230\" \/>\n\t\t<meta property=\"og:image:height\" content=\"700\" \/>\n\t\t<meta property=\"article:section\" content=\"Authentication &amp; Authorization\" \/>\n\t\t<meta property=\"article:tag\" content=\"saml\" \/>\n\t\t<meta property=\"article:tag\" content=\"saml vulnerabilities\" \/>\n\t\t<meta property=\"article:tag\" content=\"security assertion markup language\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2019-02-14T13:33:28+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2022-12-02T09:53:54+00:00\" \/>\n\t\t<meta name=\"twitter:card\" 
content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"SAML [Security Assertion Markup Language] Vulnerabilities\" \/>\n\t\t<meta name=\"twitter:description\" content=\"SAML is the oldest standard, originally developed in 2001. Understand Security Assertion Markup Language Vulnerabilities &amp; Mitigation of SAML vulnerabilities.\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png\" \/>\n\t\t<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t\t<meta name=\"twitter:data1\" content=\"kalpadmin\" \/>\n\t\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#article\",\"name\":\"SAML [Security Assertion Markup Language] Vulnerabilities\",\"headline\":\"Vulnerabilities Related to SAML [Security Assertion Markup Language] \\u2013 Part 1\",\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/SAML-Copy.png\",\"width\":1230,\"height\":700,\"caption\":\"SAML - 
Copy\"},\"datePublished\":\"2019-02-14T13:33:28+05:30\",\"dateModified\":\"2022-12-02T15:23:54+05:30\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#webpage\"},\"articleSection\":\"Authentication &amp; Authorization, Case Study, Encryption &amp; Cryptography, Security Best Practices, Vulnerability Disclosure, SAML, SAML Vulnerabilities, Security Assertion Markup Language\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"nextItem\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#listItem\"},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#listItem\",\"position\":2,\"name\":\"Vulnerabilities Related to SAML [Security Assertion Markup Language] \\u2013 Part 
1\",\"previousItem\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#listItem\"}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\",\"name\":\"Varutra\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/Varutra-Found-e1612984024606.jpg\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#organizationLogo\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/\",\"name\":\"kalpadmin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d69b4bf504d3e2e3c6ad0c424e16bcb2?s=96&d=mm&r=g\",\"width\":96,\"height\":96,\"caption\":\"kalpadmin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#webpage\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/\",\"name\":\"SAML [Security Assertion Markup Language] Vulnerabilities\",\"description\":\"SAML is the oldest standard, originally developed in 2001. 
Understand Security Assertion Markup Language Vulnerabilities & Mitigation of SAML vulnerabilities.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/wp-content\\\/uploads\\\/2019\\\/02\\\/SAML-Copy.png\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#mainImage\",\"width\":1230,\"height\":700,\"caption\":\"SAML - Copy\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\\\/#mainImage\"},\"datePublished\":\"2019-02-14T13:33:28+05:30\",\"dateModified\":\"2022-12-02T15:23:54+05:30\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#website\",\"url\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/\",\"name\":\"Varutra Consulting\",\"description\":\"Secure your digital world with our Cybersecurity services.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.varutra.com\\\/varutravrt3\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>SAML [Security Assertion Markup Language] Vulnerabilities<\/title>\n\n","aioseo_head_json":{"title":"SAML [Security Assertion Markup Language] Vulnerabilities","description":"SAML is the oldest standard, originally developed in 2001. 
Understand Security Assertion Markup Language Vulnerabilities & Mitigation of SAML vulnerabilities.","canonical_url":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"og:locale":"en_US","og:site_name":"Varutra Consulting","og:type":"article","og:title":"SAML [Security Assertion Markup Language] Vulnerabilities","og:description":"SAML is the oldest standard, originally developed in 2001. Understand Security Assertion Markup Language Vulnerabilities &amp; Mitigation of SAML vulnerabilities.","og:url":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/","og:image":"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png","og:image:secure_url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png","og:image:width":"1230","og:image:height":"700","article:section":"Authentication &amp; Authorization","article:tag":["saml","saml vulnerabilities","security assertion markup language"],"article:published_time":"2019-02-14T13:33:28+00:00","article:modified_time":"2022-12-02T09:53:54+00:00","twitter:card":"summary_large_image","twitter:title":"SAML [Security Assertion Markup Language] Vulnerabilities","twitter:description":"SAML is the oldest standard, originally developed in 2001. Understand Security Assertion Markup Language Vulnerabilities &amp; Mitigation of SAML vulnerabilities.","twitter:image":"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png","twitter:label1":"Written by","twitter:data1":"kalpadmin","twitter:label2":"Est. 
reading time","twitter:data2":"8 minutes","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#article","name":"SAML [Security Assertion Markup Language] Vulnerabilities","headline":"Vulnerabilities Related to SAML [Security Assertion Markup Language] \u2013 Part 1","author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2019\/02\/SAML-Copy.png","width":1230,"height":700,"caption":"SAML - Copy"},"datePublished":"2019-02-14T13:33:28+05:30","dateModified":"2022-12-02T15:23:54+05:30","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#webpage"},"isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#webpage"},"articleSection":"Authentication &amp; Authorization, Case Study, Encryption &amp; Cryptography, Security Best Practices, Vulnerability Disclosure, SAML, SAML Vulnerabilities, Security Assertion Markup 
Language"},{"@type":"BreadcrumbList","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/#listItem","position":1,"name":"Home","item":"https:\/\/www.varutra.com\/varutravrt3\/","nextItem":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#listItem"},{"@type":"ListItem","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#listItem","position":2,"name":"Vulnerabilities Related to SAML [Security Assertion Markup Language] \u2013 Part 1","previousItem":"https:\/\/www.varutra.com\/varutravrt3\/#listItem"}]},{"@type":"Organization","@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization","name":"Varutra","url":"https:\/\/www.varutra.com\/varutravrt3\/","logo":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2021\/11\/Varutra-Found-e1612984024606.jpg","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#organizationLogo"},"image":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#organizationLogo"}},{"@type":"Person","@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author","url":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/","name":"kalpadmin","image":{"@type":"ImageObject","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d69b4bf504d3e2e3c6ad0c424e16bcb2?s=96&d=mm&r=g","width":96,"height":96,"caption":"kalpadmin"}},{"@type":"WebPage","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-lang
uage-part-1\/#webpage","url":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/","name":"SAML [Security Assertion Markup Language] Vulnerabilities","description":"SAML is the oldest standard, originally developed in 2001. Understand Security Assertion Markup Language Vulnerabilities & Mitigation of SAML vulnerabilities.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#website"},"breadcrumb":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#breadcrumblist"},"author":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"creator":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/www.varutra.com\/varutravrt3\/wp-content\/uploads\/2019\/02\/SAML-Copy.png","@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#mainImage","width":1230,"height":700,"caption":"SAML - Copy"},"primaryImageOfPage":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/#mainImage"},"datePublished":"2019-02-14T13:33:28+05:30","dateModified":"2022-12-02T15:23:54+05:30"},{"@type":"WebSite","@id":"https:\/\/www.varutra.com\/varutravrt3\/#website","url":"https:\/\/www.varutra.com\/varutravrt3\/","name":"Varutra Consulting","description":"Secure your digital world with our Cybersecurity services.","inLanguage":"en-US","publisher":{"@id":"https:\/\/www.varutra.com\/varutravrt3\/#organization"}}]}},"aioseo_meta_data":{"post_id":"2351","title":"SAML [Security Assertion Markup Language] Vulnerabilities","description":"SAML is the oldest standard, originally developed in 2001. 
Understand Security Assertion Markup Language Vulnerabilities &amp; Mitigation of SAML vulnerabilities.","keywords":[],"keyphrases":"{\"focus\":{\"keyphrase\":\"SAML\",\"score\":100,\"analysis\":{\"keyphraseInTitle\":{\"title\":\"Focus keyphrase in SEO title\",\"description\":\"Focus keyphrase found in SEO title.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInDescription\":{\"title\":\"Focus keyphrase in meta description\",\"description\":\"Focus keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Focus keyphrase length\",\"description\":\"Good job!\",\"score\":9,\"maxScore\":9,\"error\":0,\"length\":1},\"keyphraseInURL\":{\"title\":\"Focus keyphrase in URL\",\"description\":\"Focus keyphrase used in the URL.\",\"score\":5,\"maxScore\":5,\"error\":0},\"keyphraseInIntroduction\":{\"title\":\"Focus keyphrase in introduction\",\"description\":\"Your Focus keyphrase appears in the first paragraph. Well done!\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInSubHeadings\":{\"title\":\"Focus keyphrase in Subheadings\",\"description\":\"Your H2 and H3 subheadings reflects the topic of your copy. Good job!\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseInImageAlt\":{\"title\":\"Focus keyphrase in image alt attributes\",\"description\":\"Focus keyphrase found in image alt attribute(s).\",\"score\":9,\"maxScore\":9,\"error\":0}}},\"additional\":[{\"keyphrase\":\"SAML Vulnerabilities\",\"score\":83,\"analysis\":{\"keyphraseInDescription\":{\"title\":\"Keyphrase in meta description\",\"description\":\"Keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Keyphrase length\",\"description\":\"Good job!\",\"score\":9,\"maxScore\":9,\"error\":0,\"length\":2},\"keyphraseInIntroduction\":{\"title\":\"Keyphrase in introduction\",\"description\":\"Your Keyphrase does not appear in the first paragraph. 
Make sure the topic is clear immediately.\",\"score\":3,\"maxScore\":9,\"error\":1},\"keyphraseInImageAlt\":{\"title\":\"Keyphrase in image alt attributes\",\"description\":\"Keyphrase found in image alt attribute(s).\",\"score\":9,\"maxScore\":9,\"error\":0}}},{\"keyphrase\":\"Security Assertion Markup Language Vulnerabilities\",\"score\":58,\"analysis\":{\"keyphraseInDescription\":{\"title\":\"Keyphrase in meta description\",\"description\":\"Keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Keyphrase length\",\"description\":\"Keyphrase is slightly long. Try to make it shorter.\",\"score\":6,\"maxScore\":9,\"error\":1,\"length\":5},\"keyphraseInIntroduction\":{\"title\":\"Keyphrase in introduction\",\"description\":\"Your Keyphrase does not appear in the first paragraph. Make sure the topic is clear immediately.\",\"score\":3,\"maxScore\":9,\"error\":1},\"keyphraseInImageAlt\":{\"title\":\"Keyphrase in image alt attributes\",\"description\":\"Keyphrase not found in image alt attribute(s). Add an image with your Keyphrase as alt text.\",\"score\":3,\"maxScore\":9,\"error\":1}}},{\"keyphrase\":\"Security Assertion Markup Language\",\"score\":83,\"analysis\":{\"keyphraseInDescription\":{\"title\":\"Keyphrase in meta description\",\"description\":\"Keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Keyphrase length\",\"description\":\"Good job!\",\"score\":9,\"maxScore\":9,\"error\":0,\"length\":4},\"keyphraseInIntroduction\":{\"title\":\"Keyphrase in introduction\",\"description\":\"Your Keyphrase does not appear in the first paragraph. 
Make sure the topic is clear immediately.\",\"score\":3,\"maxScore\":9,\"error\":1},\"keyphraseInImageAlt\":{\"title\":\"Keyphrase in image alt attributes\",\"description\":\"Keyphrase found in image alt attribute(s).\",\"score\":9,\"maxScore\":9,\"error\":0}}},{\"keyphrase\":\"Vulnerabilities\",\"score\":83,\"analysis\":{\"keyphraseInDescription\":{\"title\":\"Keyphrase in meta description\",\"description\":\"Keyphrase found in meta description.\",\"score\":9,\"maxScore\":9,\"error\":0},\"keyphraseLength\":{\"title\":\"Keyphrase length\",\"description\":\"Good job!\",\"score\":9,\"maxScore\":9,\"error\":0,\"length\":1},\"keyphraseInIntroduction\":{\"title\":\"Keyphrase in introduction\",\"description\":\"Your Keyphrase does not appear in the first paragraph. Make sure the topic is clear immediately.\",\"score\":3,\"maxScore\":9,\"error\":1},\"keyphraseInImageAlt\":{\"title\":\"Keyphrase in image alt attributes\",\"description\":\"Keyphrase found in image alt attribute(s).\",\"score\":9,\"maxScore\":9,\"error\":0}}}]}","primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"featured","og_image_url":"https:\/\/www.varutra.com\/wp-content\/uploads\/2019\/02\/SAML-Copy.png","og_image_width":"1230","og_image_height":"700","og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":"Authentication &amp; 
Authorization","og_article_tags":[],"twitter_use_og":true,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":"{\"article\":{\"articleType\":\"BlogPosting\"},\"course\":{\"name\":\"\",\"description\":\"\",\"provider\":\"\"},\"faq\":{\"pages\":[]},\"product\":{\"reviews\":[]},\"recipe\":{\"ingredients\":[],\"instructions\":[],\"keywords\":[]},\"software\":{\"reviews\":[],\"operatingSystems\":[]},\"webPage\":{\"webPageType\":\"WebPage\"}}","pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"limit_modified_date":false,"open_ai":null,"created":"2021-10-27 15:16:26","updated":"2022-12-02 10:05:38"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.varutra.com\/varutravrt3\/category\/authentication-authorization\/\" title=\"Authentication &amp; Authorization\">Authentication &amp; Authorization<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\tVulnerabilities Related to SAML [Security Assertion Markup Language] \u2013 
Part 1\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.varutra.com\/varutravrt3"},{"label":"Authentication &amp; Authorization","link":"https:\/\/www.varutra.com\/varutravrt3\/category\/authentication-authorization\/"},{"label":"Vulnerabilities Related to SAML [Security Assertion Markup Language] \u2013 Part 1","link":"https:\/\/www.varutra.com\/varutravrt3\/vulnerabilities-related-to-saml-security-assertion-markup-language-part-1\/"}],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/2351"}],"collection":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/comments?post=2351"}],"version-history":[{"count":5,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/2351\/revisions"}],"predecessor-version":[{"id":20345,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/posts\/2351\/revisions\/20345"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media\/3219"}],"wp:attachment":[{"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/media?parent=2351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/categories?post=2351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.varutra.com\/varutravrt3\/wp-json\/wp\/v2\/tags?post=2351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}