CVE Catalog

CVE-2026-25604

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile - higher than 28% of all known CVEs

Summary

In AWS Auth Manager, the origin of SAML authentication was taken from the client without verification against the actual instance URL. This allowed gaining access to different instances with potentially different access controls by reusing SAML responses from other instances.

Risk Assessment

The organization is at risk of unauthorized access to AWS instances with varying privilege levels, potentially leading to data confidentiality and integrity breaches.

Recommendation

Immediately upgrade the AWS Auth Manager provider to version 9.22.0, which includes a fix for this vulnerability.

Original NVD description (English source)

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL.  This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You should upgrade to 9.22.0 version of provider if you use AWS Auth Manager.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS