From 2f99dec5d8dd004f5460078d2b87d1d4c75f68aa Mon Sep 17 00:00:00 2001
From: TimmyBc
Date: Sun, 12 Jan 2025 12:43:07 +0100
Subject: [PATCH 1/2] SAML Replay - P5 Adding: P5 - Broken Authentication and Session Management - SAML Replay
---
 mappings/cvss_v3/cvss_v3.json | 4 ++++
 mappings/remediation_advice/remediation_advice.json | 7 +++++++
 vulnerability-rating-taxonomy.json | 6 ++++++
 3 files changed, 17 insertions(+)
diff --git a/mappings/cvss_v3/cvss_v3.json b/mappings/cvss_v3/cvss_v3.json
index 8b42466d..b23763c6 100644
--- a/mappings/cvss_v3/cvss_v3.json
+++ b/mappings/cvss_v3/cvss_v3.json
@@ -302,6 +302,10 @@
 }
 ]
 },
+ {
+ "id": "saml_replay",
+ "cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"
+ },
 {
 "id": "session_fixation",
 "children": [
diff --git a/mappings/remediation_advice/remediation_advice.json b/mappings/remediation_advice/remediation_advice.json
index bfa8b1f3..5c52e2a3 100644
--- a/mappings/remediation_advice/remediation_advice.json
+++ b/mappings/remediation_advice/remediation_advice.json
@@ -469,6 +469,13 @@
 }
 ]
 },
+ {
+ "id": "saml_replay",
+ "references": [
+ "https://snyk.io/blog/common-saml-vulnerabilities-remediate/",
+ "https://support.okta.com/help/s/article/okta-service-has-protection-against-replay-attacks?language=en_US"
+ ]
+ },
 {
 "id": "session_fixation",
 "remediation_advice": "Always regenerate the session token after the users properly authenticate.",
diff --git a/vulnerability-rating-taxonomy.json b/vulnerability-rating-taxonomy.json
index 0801c0a1..e47c03c8 100644
--- a/vulnerability-rating-taxonomy.json
+++ b/vulnerability-rating-taxonomy.json
@@ -526,6 +526,12 @@
 }
 ]
 },
+ {
+ "id": "saml_replay",
+ "name": "SAML Replay",
+ "type": "subcategory",
+ "priority": 5
+ },
 {
 "id": "session_fixation",
 "name": "Session Fixation",
From 95f1d8b9bc73760690e9cef2e31b6eee408f5b95 Mon Sep 17 00:00:00 2001
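Review bot: The vector on the new `saml_replay` entry in `cvss_v3.json`, `AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H`, works out to a High CVSS v3 base score (about 8.3), while the `vulnerability-rating-taxonomy.json` hunk in the same patch rates the entry `"priority": 5`. One of the two is probably not what was intended: full confidentiality, integrity and availability impact with changed scope does not sit well with a P5 rating, and `A:H` in particular is hard to justify for a replayed login assertion. If P5 is correct, the vector should reflect the limited impact, for example `"cvss_v3": "AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"`; otherwise the priority in the taxonomy hunk should be raised to match the vector.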
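Review bot: The new `saml_replay` entry in `remediation_advice.json` carries only `references` and no `remediation_advice` string, unlike the `session_fixation` entry directly below it, so consumers of this mapping get two links and no actionable guidance. Add a line before `references` such as `"remediation_advice": "Record each assertion ID for its validity window and reject any that was already consumed; enforce NotBefore/NotOnOrAfter with minimal clock skew and validate InResponseTo, Recipient and Audience.",`. The second reference is a vendor support article about that vendor's own replay protection; a vendor-neutral source (the OASIS SAML security considerations or the OWASP SAML Security Cheat Sheet) would serve service-provider implementers better. Whether the schema allows a references-only entry is not visible in this hunk.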
From: Abhinav Nain
Date: Wed, 15 Jan 2025 14:11:53 +0530
Subject: [PATCH 2/2] Additional Files
---
 .../remediation_training/secure-code-warrior-links.json | 1 +
 1 file changed, 1 insertion(+)
diff --git a/third-party-mappings/remediation_training/secure-code-warrior-links.json b/third-party-mappings/remediation_training/secure-code-warrior-links.json
index 615a3188..af1a2c93 100755
--- a/third-party-mappings/remediation_training/secure-code-warrior-links.json
+++ b/third-party-mappings/remediation_training/secure-code-warrior-links.json
@@ -83,6 +83,7 @@
 "broken_authentication_and_session_management.failure_to_invalidate_session.on_password_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_password_change&redirect=true",
 "broken_authentication_and_session_management.failure_to_invalidate_session.on_two_fa_activation_change": null,
 "broken_authentication_and_session_management.failure_to_invalidate_session.permission_change": null,
+ "broken_authentication_and_session_management.saml_replay": null,
 "broken_authentication_and_session_management.session_fixation": null,
 "broken_authentication_and_session_management.session_fixation.local_attack_vector": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:session_fixation:local_attack_vector&redirect=true",
 "broken_authentication_and_session_management.session_fixation.remote_attack_vector": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:session_fixation:remote_attack_vector&redirect=true",