GitLab Critical SAML Vulnerability - 20241008001¶
Overview¶
Github has published advisories for a critical vulnerability involving omniauth SAML and ruby SAML libraries, which are both utilised in GitLab's authentication system. This vulnerability allows malicious actors to bypass SAML authentication and gain unauthorized access by exploiting weaknesses in SAML response verification.
What is vulnerable?¶
| Product(s) Affected | Version(s) | CVE # | CVSS v4/v3 | Severity |
|---|---|---|---|---|
| GitLab | all versions < 16.11.10 17.0 < 17.0.8 17.1 < 17.1.8 17.2 < 17.2.7 17.3 < 17.3.3 |
CVE-2024-45409 | 10 | Critical |
| omniauth_saml (library) | all versions < 1.10.5 2.1 < 2.1.2 2.2 < 2.1.2 |
CVE-2024-45409 | 10 | Critical |
| ruby-saml (library) | all versions < 1.12.3 1.13 < 1.17.0 |
CVE-2024-45409 | 10 | Critical |
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours... (refer Patch Management):
- Github omniauth-saml: https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq
- Github ruby-saml: https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2