SysAid - Okta SSO integration

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity provider endpoint. An attacker can extract the identity provider endpoint by decoding the SAMLRequest parameter's value and searching for the AssertionConsumerServiceURL parameter's value. It often allows an attacker to view files on the application server filesystem and interact with any back-end or external systems that the application can access. In some situations, an attacker can escalate an XXE attack to compromise the underlying server or other back-end infrastructure by leveraging the XXE vulnerability to perform server-side request forgery (SSRF) attacks.

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

XML外部实体引用的不恰当限制(XXE)

Sysaid Technologies SysAid 代码问题漏洞

Sysaid Technologies SysAid是以色列Sysaid Technologies公司的一套IT服务管理解决方案。 SysAid - Okta SSO integration存在安全漏洞，该漏洞源于未经身份验证的攻击者可以通过向身份提供者端点发送格式错误的 POST 请求来利用 XXE 漏洞，以下产品和版本受到影响：Okta SSO 22.1.50之前云版本，Okta SSO 22.1.64之前本地版本。

N/A

N/A