CVE-2023-37471: 
Java vulnerability analysis and mitigation

OpenAM (Open Access Management) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. A critical vulnerability (CVE-2023-37471) was discovered in OpenAM versions up to 14.7.2, where the system fails to properly validate the signature of SAML responses received during the SAMLv1.x Single Sign-On process. The vulnerability was disclosed on July 20, 2023 (GitHub Advisory).

The vulnerability exists in the SAML signature validation process where OpenAM does not properly verify signatures of SAML responses. The issue stems from the fact that if a SAML response is unsigned, the system returns a default value of 'true' for validation instead of enforcing signature verification. This vulnerability has been assigned a CVSS v3.1 Base Score of 9.8 CRITICAL (Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) (NVD).

The vulnerability allows attackers to impersonate any OpenAM user, including administrators, by sending specially crafted SAML responses to the SAMLPOSTProfileServlet servlet. This could lead to complete system compromise and unauthorized access to protected resources (GitHub Advisory).

The vulnerability has been patched in OpenAM version 14.7.3-SNAPSHOT and later releases. For users unable to upgrade immediately, a workaround is available by commenting out the SAMLPOSTProfileServlet servlet from their pom file or disabling SAML in OpenAM (GitHub Advisory).