Zscaler SAML Authentication Signature Verification Vulnerability Allowing Authentication Abuse

Vulnerability

A vulnerability exists in Zscaler's SAML authentication process due to improper verification of cryptographic signatures on the server side. This flaw has led to authentication abuse, allowing unauthorized access or actions.

Impact

Exploitation of this vulnerability could result in unauthorized authentication, potentially allowing users to gain access to resources or perform actions they are not entitled to.

Added: Aug 5, 2025, 6:19 AM
Updated: Aug 5, 2025, 6:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 0.0
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.