The SAML 2.0 implementation in AdNovum nevisAuth 18.104.22.168 before 22.214.171.124, when using SAML POST-Binding, does not match all attributes of the X.509 certificate embedded in the assertion against the certificate from the identity provider (IdP), which allows remote attackers to inject arbitrary SAML assertions via a crafted certificate.
The information has been provided by Antoine Neuenschwander.
* AdNovum nevisAuth 126.96.36.199 before 188.8.131.52
* AdNovum nevisAuth after 184.108.40.206
nevisAuth implements strong user and system authentication for identity and access management solutions. It offers secure execution of multi-step authentication and is able to dynamically adjust authentication strength. nevisAuth is highly flexible, easily integrated and supports plug-ins for various authentication methods. Security analysts of Compass Security Schweiz AG discovered a security flaw in the SAML 2.0 implementation of nevisAuth which allows an attacker to bypass the signature validation of security assertions and therefore impersonate other users.
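The root cause described above is a validator that compares only some attributes of the certificate carried in the assertion's KeyInfo against the IdP's certificate, so a certificate that agrees on those attributes but differs elsewhere (for example in its public key) is still trusted. The following is an added illustration, not nevisAuth code and not from the advisory: it contrasts that weak pattern with a strict one that pins the IdP certificate and requires a byte-for-byte match via SHA-256 fingerprint. The certificate bytes, subject name and assertion skeleton are constructed placeholders (the DER blobs are not real certificates, and no XML signature is actually produced or verified).

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed stand-in for the IdP certificate (DER bytes). In a deployment this
# is loaded from IdP metadata at configuration time, never from the assertion.
IDP_CERT_DER = b"-constructed-idp-certificate-der-bytes-"
IDP_CERT_SUBJECT = "CN=idp.example.test,O=Example IdP"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of DER-encoded certificate bytes."""
    return hashlib.sha256(der).hexdigest()


def build_assertion(subject_name: str, cert_der: bytes) -> str:
    """Constructed minimal assertion with a ds:KeyInfo block. The signature
    value is a placeholder; this example only exercises the certificate check."""
    cert_b64 = base64.b64encode(cert_der).decode()
    return f"""<saml:Assertion xmlns:saml="{NS['saml']}" xmlns:ds="{NS['ds']}" ID="_constructed">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <ds:Signature>
    <ds:SignatureValue>placeholder</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509SubjectName>{subject_name}</ds:X509SubjectName>
        <ds:X509Certificate>{cert_b64}</ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>
</saml:Assertion>"""


def extract_keyinfo(assertion_xml: str):
    """Return (subject_name, cert_der) from the assertion's ds:KeyInfo."""
    root = ET.fromstring(assertion_xml)
    subj = root.find(".//ds:KeyInfo/ds:X509Data/ds:X509SubjectName", NS)
    cert = root.find(".//ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    if cert is None or not cert.text:
        raise ValueError("assertion carries no X509Certificate")
    subject_name = subj.text.strip() if subj is not None and subj.text else ""
    cert_der = base64.b64decode("".join(cert.text.split()))
    return subject_name, cert_der


def weak_match(assertion_xml: str) -> bool:
    """Vulnerable pattern: trust the embedded certificate if one attribute
    (here the subject name) matches the IdP's. The rest of the certificate,
    including the public key, is never compared."""
    subject_name, _ = extract_keyinfo(assertion_xml)
    return subject_name == IDP_CERT_SUBJECT


def strict_match(assertion_xml: str) -> bool:
    """Hardened pattern: the embedded certificate must be byte-for-byte the
    pinned IdP certificate, compared through its SHA-256 fingerprint in
    constant time, so no attribute of a substituted certificate can differ."""
    _, cert_der = extract_keyinfo(assertion_xml)
    return hmac.compare_digest(fingerprint(cert_der), fingerprint(IDP_CERT_DER))


# Assertion carrying the genuine pinned certificate.
GENUINE = build_assertion(IDP_CERT_SUBJECT, IDP_CERT_DER)
# Assertion carrying a certificate with the same subject name but different
# bytes (constructed stand-in for a certificate the IdP never issued).
SUBSTITUTED = build_assertion(IDP_CERT_SUBJECT, b"-constructed-other-certificate-der-bytes-")

if __name__ == "__main__":
    for label, doc in (("genuine", GENUINE), ("substituted", SUBSTITUTED)):
        print(f"{label}: weak={weak_match(doc)} strict={strict_match(doc)}")
```

The weak check accepts both documents; the strict check accepts only the one whose certificate is identical to the pinned copy. A production validator should go one step further and ignore KeyInfo for the trust decision entirely, verifying the XML signature directly against the key from IdP metadata.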