Security Alert: SAML Single Sign-On Is Vulnerable
- By Brian Pontarelli
- News, Security Alert
- March 1, 2018
On February 27, Duo Security reported SAML single sign-on has a vulnerability that could enable attackers to easily take over a victim's account. Vendors impacted by the vulnerability such as Okta, OneLogin, OmniAuth, Clever Inc and the Shibboleth Consortium have been alerted, although it’s difficult to identify and notify all users who could be at risk.