CVE-2021-43999: Improper validation of SAML responses
First published: Tue Jan 11 2022(Updated: )
Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses received from a SAML identity provider. If SAML support is enabled, this may allow a malicious user to assume the identity of another Guacamole user.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Guacamole | =1.2.0 | |
| Apache Guacamole | =1.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-43999?
CVE-2021-43999 is a vulnerability in Apache Guacamole 1.2.0 and 1.3.0 that allows a malicious user to assume the identity of another Guacamole user if SAML support is enabled and responses from a SAML identity provider are not properly validated.
What is the severity of CVE-2021-43999?
CVE-2021-43999 has a severity score of 8.8 (high).
How does CVE-2021-43999 affect Apache Guacamole?
CVE-2021-43999 affects Apache Guacamole versions 1.2.0 and 1.3.0.
How can the CVE-2021-43999 vulnerability be exploited?
The CVE-2021-43999 vulnerability can be exploited if SAML support is enabled and responses from a SAML identity provider are not properly validated.
Is there a fix available for CVE-2021-43999?
Yes, it is recommended to update to a patched version of Apache Guacamole to fix CVE-2021-43999.
- collector/nvd-index
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/apache
- canonical/apache guacamole
- version/apache guacamole/1.2.0
- version/apache guacamole/1.3.0