CERT/CC Vulnerability Note VU#475445: Potential Impact on RSA Products
Originally Published: 2018-03-15
Resolution
| RSA Product Name | Versions | Impacted? | Details | Last Updated |
|---|---|---|---|---|
| Access Manager | 6.2.x | Not Impacted | Access Manager supports SAML as an Identity Provider (IDP) and therefore is not impacted by the vulnerability. To reduce the risk of the vulnerability being exploited against your applications that rely on a vulnerable third-party SP implementation, RSA recommends that you: 1. Ensure that accounts in your identity source can only be created by authorized individuals and, especially if any self-service account provisioning is offered, that account names adhere to specific guidelines to reduce the opportunity for exploitation. 2. Contact your SP application providers and confirm that they use non-vulnerable SAML products or libraries, or that they are running the latest versions patched to address the vulnerability. | 2018-03-15 |
| Adaptive Authentication Cloud | | Not Impacted | The SAML implementation used is not affected by the vulnerability. | 2018-03-15 |
| Archer Hosted | All Supported | Not Impacted | SAML responses and claims are handled by Microsoft ADFS, which is not affected by the vulnerability. | 2018-03-15 |
| Archer Platform | All Supported | Not Impacted | SAML responses and claims are handled by Microsoft ADFS, which is not affected by the vulnerability. | 2018-03-15 |
| Archer Security Operations Management (SecOps) | All Supported | Not Impacted | SAML responses and claims are handled by Microsoft ADFS, which is not affected by the vulnerability. | 2018-03-15 |
| Archer Vulnerability & Risk Manager (VRM) | All Supported | Not Impacted | SAML responses and claims are handled by Microsoft ADFS, which is not affected by the vulnerability. | 2018-03-15 |
| Federated Identity Manager (FIM) | All Supported | Not Impacted | FIM is not impacted by the vulnerability. FIM has a signature verification procedure whereby any modification of a signed SAML response or assertion (e.g., injection of comments, as described in the reported SAML vulnerability definition) results in signature verification failure. RSA recommends that customers follow the product documentation to use signing and/or encryption for SAML messages. | 2018-03-15 |
| Identity Governance & Lifecycle, Via Lifecycle & Governance, Identity Management & Governance | 7.1, 7.0.2, 7.0.1, 7.0, 6.9.x | Not Impacted | The product uses libraries that are not affected by the vulnerability. | 2018-03-15 |
| SecurID Access Cloud Service | All Supported | Not Impacted | SecurID Access Cloud Service supports SAML as an Identity Provider (IDP) and therefore is not impacted by the vulnerability. To reduce the risk of the vulnerability being exploited against your applications that rely on a vulnerable third-party SP implementation, RSA recommends that you: 1. Ensure that accounts in your identity source can only be created by authorized individuals and, especially if any self-service account provisioning is offered, that account names adhere to specific guidelines to reduce the opportunity for exploitation. 2. Contact your SP application providers and confirm that they use non-vulnerable SAML products or libraries, or that they are running the latest versions patched to address the vulnerability. | 2018-03-15 |
| SecurID Access IDR VM | All Supported | Not Impacted | SecurID Access IDR VM supports SAML as an Identity Provider (IDP) and as a Service Provider (SP). SecurID Access uses a SAML implementation that is not affected by the vulnerability. To reduce the risk of the vulnerability being exploited against your applications that rely on a vulnerable third-party SP implementation, RSA recommends that you: 1. Ensure that accounts in your identity source can only be created by authorized individuals and, especially if any self-service account provisioning is offered, that account names adhere to specific guidelines to reduce the opportunity for exploitation. 2. Contact your SP application providers and confirm that they use non-vulnerable SAML products or libraries, or that they are running the latest versions patched to address the vulnerability. | 2018-03-15 |
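The table repeatedly points SP owners at "non-vulnerable SAML products or libraries" and describes the vulnerability as comment injection into a signed assertion. As an added example (not code from RSA, the CERT/CC note, or any product listed above), the Python below shows what that means at the SP's parsing layer: a NameID whose text has been split by an XML comment reads differently depending on whether the SP takes only the first text node or the element's full text. `robust_name_id` is the hardened reading (join all text, reject comments), and `extraction_mismatch` is a detection signal an SP can log while it confirms its library version. The two sample assertions are constructed for this example, and all function names are the example's own.

```python
import xml.dom.minidom as minidom
from xml.dom import Node

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample (not from any real IdP): a NameID whose text has been
# split by an injected, empty XML comment, the pattern the CERT/CC note describes.
ASSERTION_WITH_COMMENT = """<?xml version="1.0"?>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID>user@example.com<!---->.example.net</saml:NameID>
  </saml:Subject>
</saml:Assertion>"""

# Constructed clean sample for comparison.
ASSERTION_CLEAN = """<?xml version="1.0"?>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID>user@example.net</saml:NameID>
  </saml:Subject>
</saml:Assertion>"""


def _name_id_element(xml_text):
    """Locate the single NameID element; minidom keeps comment nodes in the tree."""
    doc = minidom.parseString(xml_text)
    elems = doc.getElementsByTagNameNS(SAML_NS, "NameID")
    if len(elems) != 1:
        raise ValueError("expected exactly one NameID, found %d" % len(elems))
    return elems[0]


def naive_name_id(xml_text):
    """The fragile pattern: read only the first text node.
    A comment splits the text, so everything after it is silently dropped."""
    elem = _name_id_element(xml_text)
    first = elem.firstChild
    if first is None or first.nodeType != Node.TEXT_NODE:
        return ""
    return first.nodeValue


def robust_name_id(xml_text):
    """Hardened reading: concatenate every text node and refuse any NameID
    that carries a comment or other non-text child."""
    elem = _name_id_element(xml_text)
    parts = []
    for child in elem.childNodes:
        if child.nodeType == Node.COMMENT_NODE:
            raise ValueError("NameID contains an XML comment; rejecting assertion")
        if child.nodeType in (Node.TEXT_NODE, Node.CDATA_SECTION_NODE):
            parts.append(child.nodeValue)
        else:
            raise ValueError("unexpected node inside NameID: %s" % child.nodeName)
    return "".join(parts)


def check_name_id(xml_text):
    """SP-side wrapper: (True, name_id) when accepted, (False, reason) otherwise."""
    try:
        return True, robust_name_id(xml_text)
    except ValueError as exc:
        return False, str(exc)


def extraction_mismatch(xml_text):
    """Detection signal: True when the first-text-node reading and the full-text
    reading disagree, which only happens if something split the NameID text."""
    elem = _name_id_element(xml_text)
    full = "".join(c.nodeValue for c in elem.childNodes
                   if c.nodeType == Node.TEXT_NODE)
    return naive_name_id(xml_text) != full


if __name__ == "__main__":
    for label, doc in (("clean", ASSERTION_CLEAN), ("with comment", ASSERTION_WITH_COMMENT)):
        print(label, "naive:", repr(naive_name_id(doc)),
              "checked:", check_name_id(doc),
              "mismatch:", extraction_mismatch(doc))
```

Running the block prints the clean assertion reading identically under both functions, while the comment-split one yields a truncated identity from the naive reader and is rejected by the hardened one. In a real SP the check would run after signature verification, on the same parsed tree the signature was verified against, so that the accepted identity and the verified bytes cannot diverge.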
Notes
- CERT/CC Vulnerability Note: https://www.kb.cert.org/vuls/id/475445
- Researcher’s (Duo Labs) blog post: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations