Cirrus Identity is carefully monitoring the recently reported SAML vulnerabilities. We have done an assessment of the vulnerability first announced by Duo (https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations). Based on the information we have at this time, Cirrus Identity is not impacted by this vulnerability. Cirrus Identity will continue to monitor the situation and will update customers as information becomes available.
Customers of Cirrus Identity may contact firstname.lastname@example.org with specific questions or concerns.
Mark Rank - Director of Product and Customer Success