प्लेटफ़ॉर्म
dotnet
घटक
cie.aspnetcore.authentication
में ठीक किया गया
2.1.1
2.1.0
CVE-2025-24895 is a critical vulnerability affecting CIE.AspNetCore.Authentication versions up to 2.0.4. This flaw allows attackers to bypass authentication mechanisms relying on SAML2, potentially granting them unauthorized access to protected resources. The vulnerability stems from improper handling of SAML assertions within the Service Provider (SP) role. A fix is available in version 2.1.0.
The core of this vulnerability lies in the misconfiguration or flawed implementation of SAML2 authentication within applications utilizing CIE.AspNetCore.Authentication. An attacker can craft malicious SAML assertions, manipulating identity information to impersonate legitimate users or gain access without proper credentials. This could lead to complete compromise of the application and its underlying data. Successful exploitation could result in unauthorized data access, modification, or deletion, as well as the ability to execute arbitrary code on the server, depending on the application's overall security posture. The impact is amplified if the application handles sensitive data or integrates with other critical systems.
CVE-2025-24895 was publicly disclosed on 2025-02-18. The CVSS score of 9.1 (CRITICAL) indicates a high probability of exploitation. While no public proof-of-concept (PoC) has been widely reported, the nature of the vulnerability – SAML assertion manipulation – is well-understood and potentially exploitable by skilled attackers. It is recommended to treat this vulnerability with the highest priority.
Applications built using ASP.NET Core and relying on CIE.AspNetCore.Authentication for SAML-based authentication are at risk. This includes organizations using Single Sign-On (SSO) solutions and federated identity management systems. Legacy applications with outdated dependencies are particularly vulnerable.
• .NET / ASP.NET Core: Examine application logs for unusual SAML assertion patterns or authentication failures. Use a debugger to trace the SAML assertion processing flow and identify potential vulnerabilities. • .NET / ASP.NET Core: Monitor for unexpected user access patterns or privilege escalations. • Generic Web: Inspect SAML request/response payloads for malformed or unexpected attributes using a proxy like Burp Suite or OWASP ZAP.
disclosure
एक्सप्लॉइट स्थिति
EPSS
0.06% (19% शतमक)
CISA SSVC
CVSS वेक्टर
The primary mitigation is to immediately upgrade to CIE.AspNetCore.Authentication version 2.1.0 or later, which addresses the vulnerability. If upgrading is not immediately feasible, consider implementing temporary workarounds. Thoroughly review and validate all SAML configurations, ensuring proper assertion validation and attribute mapping. Implement strict access controls and multi-factor authentication to limit the potential damage from a successful attack. Consider using a Web Application Firewall (WAF) with SAML inspection capabilities to detect and block malicious assertions. Regularly audit SAML configurations and logs for suspicious activity.
CIE.AspNetCore.Authentication लाइब्रेरी को संस्करण 2.1.0 या उच्चतर में अपडेट करें। यह संस्करण SAML प्रतिक्रिया हस्ताक्षर सत्यापन को बाईपास करने के भेद्यता को ठीक करता है। अपडेट करने के लिए, अपनी .NET परियोजना में NuGet पैकेज मैनेजर का उपयोग करें।
भेद्यता विश्लेषण और गंभीर अलर्ट सीधे आपके ईमेल में।
CVE-2025-24895 is a critical vulnerability in CIE.AspNetCore.Authentication versions 2.0.4 and earlier that allows attackers to bypass authentication by manipulating SAML assertions, potentially gaining unauthorized access.
Yes, if your application uses CIE.AspNetCore.Authentication and is running a version equal to or less than 2.0.4, you are vulnerable to this authentication bypass.
Upgrade to CIE.AspNetCore.Authentication version 2.1.0 or later to remediate the vulnerability. Implement temporary workarounds like stricter SAML validation if immediate upgrade is not possible.
While no widespread exploitation has been confirmed, the vulnerability's severity and the ease of SAML manipulation suggest a high likelihood of exploitation. Proactive mitigation is strongly recommended.
Refer to the official CIE project repository and related security advisories for detailed information and updates regarding CVE-2025-24895.
अपनी डिपेंडेंसी फ़ाइल अपलोड करें और तुरंत जानें कि यह CVE और अन्य आपको प्रभावित करती हैं या नहीं।
अपनी packages.lock.json फ़ाइल अपलोड करें और तुरंत जानें कि आप प्रभावित हैं या नहीं।