The SAML 2.0 implementation in AdNovum nevisAuth 188.8.131.52 before 184.108.40.206, when using SAML POST-Binding, does not match all attributes of the X.509 certificate embedded in the assertion against the certificate from the identity provider (IdP), which allows remote attackers to inject arbitrary SAML assertions via a crafted certificate.
The information has been provided by Antoine Neuenschwander.
* AdNovum nevisAuth 220.127.116.11 before 18.104.22.168
* AdNovum nevisAuth after 22.214.171.124
nevisAuth implements strong user and system authentication for identity and access management solutions. It offers secure execution of multi-step authentication and is able to dynamically adjust authentication strengths. nevisAuth is highly flexible, easily integrated and supports plug-ins to various authentication methods. Security analysts of Compass Security Schweiz AG discovered a security flaw in the SAML 2.0 implementation of nevisAuth, which allows an attacker to bypass the signature validation of security assertions and therefore impersonate other users.
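The defensive counterpart to the flaw described above, as an added example that is not nevisAuth's code: a service provider should not trust the certificate an assertion carries in `ds:KeyInfo` on the strength of matching attributes, but bind it to the pinned IdP certificate as a whole (full DER bytes, compared in constant time) before using its key for signature verification. The certificate byte strings and the minimal assertion below are constructed stand-ins.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"
SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed stand-ins for DER-encoded certificates (not real X.509 data).
# The attacker's certificate shares the leading bytes (think: same subject and
# issuer DN) but carries a different public key, which is exactly the case a
# partial attribute comparison fails to catch.
IDP_CERT_DER = b"CONSTRUCTED-DER:CN=idp.example:KEY=idp-public-key"
ATTACKER_CERT_DER = b"CONSTRUCTED-DER:CN=idp.example:KEY=attacker-public-key"


def sha256_fingerprint(der: bytes) -> str:
    """Hex SHA-256 fingerprint of a DER certificate, for logging/pinning."""
    return hashlib.sha256(der).hexdigest()


def embedded_certs(assertion_xml: str) -> list:
    """Return every ds:X509Certificate found in the assertion, DER-decoded."""
    root = ET.fromstring(assertion_xml)
    certs = []
    for el in root.iter(f"{{{DS_NS}}}X509Certificate"):
        # Base64 in XML may be wrapped; strip all whitespace before decoding.
        certs.append(base64.b64decode("".join((el.text or "").split())))
    return certs


def cert_is_pinned_idp_cert(der: bytes, pinned_idp_der: bytes) -> bool:
    """Whole-certificate comparison: no subset of attributes is sufficient."""
    return hmac.compare_digest(der, pinned_idp_der)


def select_verification_cert(assertion_xml: str, pinned_idp_der: bytes):
    """Return the DER cert whose key may verify the signature, else None.

    Only a byte-for-byte match with the pinned IdP certificate is accepted;
    any other embedded certificate is ignored, so a crafted certificate can
    never supply the verification key.
    """
    for der in embedded_certs(assertion_xml):
        if cert_is_pinned_idp_cert(der, pinned_idp_der):
            return der
    return None


def assertion_with_cert(der: bytes) -> str:
    """Constructed minimal assertion carrying one certificate in KeyInfo."""
    b64 = base64.b64encode(der).decode()
    return (
        f'<saml:Assertion xmlns:saml="{SAML_NS}" xmlns:ds="{DS_NS}">'
        "<ds:Signature><ds:KeyInfo><ds:X509Data>"
        f"<ds:X509Certificate>{b64}</ds:X509Certificate>"
        "</ds:X509Data></ds:KeyInfo></ds:Signature></saml:Assertion>"
    )
```

An even simpler hardening is to verify the signature with the pinned IdP key unconditionally and treat `ds:KeyInfo` as a hint only; the selection step above is what that reduces to.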