Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6
Fixed In:
17.5.0
Opened: Nov 13, 2023 Severity: 3-Major
When thumbnailPhoto as a SAML attribute is added, it causes external SP to fail due to "THE SAML RESPONSE IS INVALID." "Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd - invalid_xml" The thumbNail attribute adds in a "xsi:type="xs:base64Binary" to the SAML Attribute but does not have the namespace
Malformed Assertion causes external SP to fail due to "THE SAML RESPONSE IS INVALID." which impacts in accessing resources.
SAML configured with thumbnailPhoto as attributes added to BIG-IP as IDP.
None
None