https://live.paloaltonetworks.com/t5/general-topics/authentication-bypass-in-saml-authentication/m-p/336502#M84762 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/105432">@karthikeyanB</a>&nbsp;</P> <P>&nbsp;</P> <P>While this would be an alternative, I assume protecting from this authentication bypass vulnerability with a signature is difficult, maybe even impossible as there - as far as I understand the securityadvisory - isn't some 'malicious' in the traffic that can be blocked. The traffic looks like a normal authentication request and the problem (the vulnerability) is that PAN-OS does not correctly verify the signature of the SAML assertion.</P> <P>So if you are affected, do not wait and install the update as soon as possible or make sure the option "<SPAN>Validate Identity Provider Certificate" is enabled.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Regards,</SPAN></P> <P><SPAN>Remo</SPAN></P> Thu, 02 Jul 2020 20:21:35 GMT Remo 2020-07-02T20:21:35Z https://live.paloaltonetworks.com/t5/general-topics/authentication-bypass-in-saml-authentication/m-p/336495#M84761 <DIV><SPAN>Dear Support Team,</SPAN></DIV><DIV><SPAN>&nbsp;</SPAN></DIV><DIV><SPAN>Please do us favour to update Security appliance Palo Alto with latest signature which help to prevent from latest vulnerability&nbsp;Authentication Bypass in SAML Authentication.</SPAN></DIV><DIV><SPAN>&nbsp;</SPAN></DIV><DIV><FONT><SPAN>Patch requirement for&nbsp;</SPAN><SPAN>CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication</SPAN></FONT></DIV><DIV>&nbsp;</DIV><DIV><FONT><SPAN>Regards</SPAN></FONT></DIV><DIV><FONT><SPAN>Karthikeyan Balamurugan</SPAN></FONT></DIV> Thu, 02 Jul 2020 18:22:54 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-bypass-in-saml-authentication/m-p/336495#M84761 karthikeyanB 2020-07-02T18:22:54Z https://live.paloaltonetworks.com/t5/general-topics/authentication-bypass-in-saml-authentication/m-p/336502#M84762 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/105432">@karthikeyanB</a>&nbsp;</P> <P>&nbsp;</P> <P>While this would be an alternative, I assume protecting from this authentication bypass vulnerability with a signature is difficult, maybe even impossible as there - as far as I understand the securityadvisory - isn't some 'malicious' in the traffic that can be blocked. The traffic looks like a normal authentication request and the problem (the vulnerability) is that PAN-OS does not correctly verify the signature of the SAML assertion.</P> <P>So if you are affected, do not wait and install the update as soon as possible or make sure the option "<SPAN>Validate Identity Provider Certificate" is enabled.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Regards,</SPAN></P> <P><SPAN>Remo</SPAN></P> Thu, 02 Jul 2020 20:21:35 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-bypass-in-saml-authentication/m-p/336502#M84762 Remo 2020-07-02T20:21:35Z