A customer recently upgraded to 8.0.14 to address this vulnerability. However after the upgrade, they noticed that SAML authentication for the Global Protect VPN client and the portal failed. The error in the log was and ( description contains 'Failure while validating the signature of SAML message received from the IdP "https://accounts.google.com/o/saml2?idpid=C00wscql4", because the certificate in the SAML Message doesn\'t match the IDP certificate configured on the IdP Server Profile "Google Apps IDP". (SP: "Global Protect"), (Client IP: 86.195.94.158), (vsys: vsys1), (authd id: 6627430890471424002)' ) When reverting to version 8.0.7, all works again. This would suggest a bug in 8.0.14. Is there a workaround for this vulnerability so that my customer doesn't have to worry about the SAML auth issue and remain on their current 8.0.7 code? Any suggestions much appreciated.
... View more