Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Project:
Date:
2020-March-11
Vulnerability:
Access bypass
Affected versions:
<3.7.0
Description:
This module enables you to authenticate Drupal users using an external SAML Identity Provider.
If the site is configured to allow visitors to register for user accounts but administrator approval is required, the module doesn't sufficiently enforce the administrative approval requirement, in the case where the requesting user has already authenticated through SAML.
This vulnerability is mitigated by the fact that user accounts created in this way have only default roles, which may not have access significantly beyond that of an anonymous user. To mitigate the vulnerability without upgrading sites could disable public registration.
Solution:
Install the latest version:
- If you use the SAML Service Provider module for Drupal 8.x, upgrade to SAML Service Provider 8.x-3.7
Also see the SAML Service Provider project page.
Reported By:
Fixed By:
Coordinated By:
- Greg Knaddison of the Drupal Security Team
