CVE-2024-22400 — Open Redirect in SSO Saml Authentication

CWE-601 — Open Redirect2 documents2 sources

Severity

6.1MEDIUMNVD

CNA3.1

EPSS

0.3%

top 49.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nextcloud SSO Saml Authentication Nextcloud Security-advisories

Timeline

PublishedJan 18

Description

Nextcloud User Saml is an app for authenticating Nextcloud users using SAML. In affected versions users can be given a link to the Nextcloud server and end up on a uncontrolled thirdparty server. It is recommended that the User Saml app is upgraded to version 5.1.5, 5.2.5, or 6.0.1. There are no known workarounds for this issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶NVDnextcloud/sso_saml_authentication5.0.0 — 5.1.5+2

▶CVEListV5nextcloud/security-advisories>= 5.0.0, < 5.1.5, >= 5.2.0, < 5.2.5, >= 6.0.0, < 6.0.1+2

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Open redirect in user_saml via RelayState parameter in Nextcloud User Saml↗2024-01-18

▶