diff --git a/mappings/cvss_v3/cvss_v3.json b/mappings/cvss_v3/cvss_v3.json
index d8d1b3f4..de48c505 100644
--- a/mappings/cvss_v3/cvss_v3.json
+++ b/mappings/cvss_v3/cvss_v3.json
@@ -366,10 +366,6 @@
 "id": "authentication_bypass",
 "cvss_v3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L"
 },
- {
- "id": "saml_replay",
- "cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"
- },
 {
 "id": "two_fa_bypass",
 "cvss_v3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
diff --git a/mappings/remediation_advice/remediation_advice.json b/mappings/remediation_advice/remediation_advice.json
index d3d0557d..2af119fb 100644
--- a/mappings/remediation_advice/remediation_advice.json
+++ b/mappings/remediation_advice/remediation_advice.json
@@ -756,13 +756,6 @@
 "https://www.owasp.org/index.php/Testing_Multiple_Factors_Authentication_(OWASP-AT-009)"
 ]
 },
- {
- "id": "saml_replay",
- "references": [
- "https://snyk.io/blog/common-saml-vulnerabilities-remediate/",
- "https://support.okta.com/help/s/article/okta-service-has-protection-against-replay-attacks?language=en_US"
- ]
- },
 {
 "id": "cleartext_transmission_of_session_token",
 "remediation_advice": "Ensure that session tokens are transmitted over protected channels at all times. If the secure cookie flag is not an option ensure that the application does not support unencrypted communication.",
diff --git a/vulnerability-rating-taxonomy.json b/vulnerability-rating-taxonomy.json
index e90de648..2e02945b 100644
--- a/vulnerability-rating-taxonomy.json
+++ b/vulnerability-rating-taxonomy.json
@@ -1069,12 +1069,6 @@
 "type": "subcategory",
 "priority": 1
 },
- {
- "id": "saml_replay",
- "name": "SAML Replay",
- "type": "subcategory",
- "priority": 5
- },
 {
 "id": "two_fa_bypass",
 "name": "Second Factor Authentication (2FA) Bypass",