Last Modified: Dec 18, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6
Fixed In:
17.1.2
Opened: Sep 21, 2023 Severity: 2-Critical
The parameter 'RelayState' parameter received in SLO Response from IDP is not included in the signature validation when BIG-IP is used as SP.
BIG-IP fails in validating the Signature of SLO Response.
BIG-IP as SP does not include 'RelayState' while validating the signature of SLO Response.
None
None