Vulnerability Description
An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. When using federated identity management (authenticating via SAML through a third-party identity provider), an attacker can inject additional data into a signed SAML response being transmitted to the service provider (ID Bravura Security Fabric). The application successfully validates the signed values but uses the unsigned malicious values. An attacker with lower-privilege access to the application can inject the username of a high-privilege user to impersonate that user.
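As an added illustration (not code from the advisory or from the product), this simplified Python model shows the defensive point in the description: the service provider must take the username only from the element the signature actually covers. A consumer that verifies the referenced assertion but then reads the first NameID in document order accepts an injected value; the hardened consumer rejects any response carrying an assertion the signature does not cover. The XML layout, the key, and the HMAC stand-in for XML-DSig are assumptions of this example.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed stand-in for a SAML Response: the Signature's Reference names one
# Assertion by ID; an HMAC over that element's serialisation stands in for XML-DSig.
KEY = b"constructed-idp-key"

def sign_element(elem):
    return hmac.new(KEY, ET.tostring(elem), hashlib.sha256).hexdigest()

def build_signed_response(username):
    root = ET.Element("Response")
    assertion = ET.SubElement(root, "Assertion", ID="_signed")
    ET.SubElement(assertion, "NameID").text = username
    sig = ET.SubElement(root, "Signature")
    ET.SubElement(sig, "Reference", URI="#_signed").text = sign_element(assertion)
    return root

def build_tampered_response(username, injected_username):
    # Test vector: an unsigned Assertion ahead of the untouched signed one.
    root = build_signed_response(username)
    extra = ET.Element("Assertion", ID="_unsigned")
    ET.SubElement(extra, "NameID").text = injected_username
    root.insert(0, extra)
    return root

def verified_element(root):
    # Resolve the Reference URI to an element and check its digest.
    ref = root.find("Signature/Reference")
    target_id = ref.get("URI").lstrip("#")
    signed = next((e for e in root.iter() if e.get("ID") == target_id), None)
    if signed is None or not hmac.compare_digest(sign_element(signed), ref.text):
        raise ValueError("signature does not verify")
    return signed

def username_vulnerable(root):
    # Verifies the referenced element, then reads the NameID from the first
    # Assertion in document order, which need not be the verified one.
    verified_element(root)
    return root.find(".//Assertion/NameID").text

def username_hardened(root):
    # Reads the NameID only from the verified element and refuses a response
    # that carries any Assertion the signature does not cover.
    signed = verified_element(root)
    if signed.tag != "Assertion" or len(root.findall(".//Assertion")) != 1:
        raise ValueError("unsigned Assertion present in response")
    return signed.find("NameID").text
```

Both consumers return the signed username for a clean response; only the hardened one refuses the tampered test vector, which is the behaviour a fix for this class of bug must have.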
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hitachi | Id Bravura Security Fabric | >= 11.0.0, <= 11.1.3 |
Related Weaknesses (CWE)
References
- https://www.hitachi-id.com/cve-2021-3196-attackers-can-impersonate-another-user (Vendor Advisory)
- https://www.hitachi.com/hirt/hitachi-sec/2021/601.html (Exploit, Vendor Advisory)
- https://www.hitachi.com/hirt/security/index.html (Vendor Advisory)
FAQ
What is CVE-2021-3196?
CVE-2021-3196 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered in Hitachi ID Bravura Security Fabric 11.0.0 through 11.1.3, 12.0.0 through 12.0.2, and 12.1.0. When using federated identity management (authenticating via SAML through a thir...
How severe is CVE-2021-3196?
CVE-2021-3196 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3196?
Check the references section above for vendor advisories and patch information. Affected products include: Hitachi Id Bravura Security Fabric.