Description
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation.

This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.4.
Published: 2026-05-28
Score: 7.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Drupal SAML SSO - Service Provider contains an improper check for unusual or exceptional conditions (CWE-754) that allows an attacker to bypass authentication and obtain privileges they should not have, resulting in privilege escalation. The flaw directly undermines the module's authentication mechanism by granting elevated access to users who should be denied.

Affected Systems

All installations of Drupal SAML SSO - Service Provider with a version below 3.1.4 are affected. The issue was resolved in version 3.1.4, which includes the corrected authentication checks.

Risk and Exploitability

The CVSS score of 7.4 indicates high severity, while the EPSS score of less than 1% suggests low exploitation probability. The vulnerability is not listed in CISA KEV. The flaw could enable an attacker to gain unauthorized privileges; no definitive exploit is documented. Based on the description, the likely attack vector is remote access to the SAML SSO endpoint, but this inference is supported only by the fact that SAML exchanges occur over the network.

Generated by OpenCVE AI on May 29, 2026 at 21:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Drupal SAML SSO - Service Provider to version 3.1.4 or newer to eliminate the authentication bypass
  • If an immediate upgrade is not possible, disable or remove the SAML SSO module from active use until the patch is applied to prevent unauthorized access
  • Block or restrict access to the SAML SSO endpoint to trusted IPs until the patch is applied


Advisories

No advisories yet.

History

Fri, 29 May 2026 19:30:00 +0000

Type | Values Removed | Values Added
Metrics | | cvssV3_1: {'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 29 May 2026 00:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Drupal
First Time appeared | | Drupal saml Sso - Service Provider
Vendors & Products | | Drupal
Vendors & Products | | Drupal saml Sso - Service Provider

Thu, 28 May 2026 23:15:00 +0000

Type | Values Removed | Values Added
Description | | Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation. This issue affects SAML SSO - Service Provider: from 0.0.0 before 3.1.4.
Title | | SAML SSO - Service Provider - Critical - Authentication bypass - SA-CONTRIB-2026-031
Weaknesses | | CWE-754
References | |

MITRE

Status: PUBLISHED

Assigner: drupal

Published:

Updated: 2026-05-29T18:38:36.072Z

Reserved: 2026-04-01T15:41:53.003Z

Link: CVE-2026-5343

Vulnrichment

Updated: 2026-05-29T18:38:20.656Z

NVD

Status: Awaiting Analysis

Published: 2026-05-28T23:16:44.520

Modified: 2026-05-29T20:16:30.813

Link: CVE-2026-5343

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T22:00:09Z

Weaknesses