VulnerAlert

10-09-2025 04:20

CVE-2025-9943 Documented vulnerability

No score
Description
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response when the replay cache of the Shibboleth Service Provider (SP) is configured to use an SQL database as storage service. An unauthenticated attacker can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database, if the database connection is configured to use the ODBC plugin. The vulnerability arises from insufficient escaping of single quotes in the class SQLString (file odbc-store.cpp, lines 253-271). This issue affects Shibboleth Service Provider through 3.5.0.
https://r.sec-consult.com/shibboleth
https://shibboleth.net/community/advisories/secadv_20250903.txt
https://shibboleth.net/downloads/service-provider/3.5.1/
Source
https://nvd.nist.gov/vuln/detail/CVE-2025-9943