CA Technologies Information for VU#475445

Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal

Status

Not Affected

Vendor Statement

"The results of testing have concluded that CA Single Sign-On, and the previously named CA Federation, is not affected by this vulnerability."

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.ca.com/us/product-content/status/announcement-documents/2018/ca---proactive-notification---smplc---advisory---asmplc-100601.html

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.