Cirrus Identity continues to monitor recently reported SAML vulnerabilities. The SimpleSAMLphp project recently released updates to address two security advisories:
Cirrus Identity has assessed 201802-01 and implemented corrective actions to mitigate the risk. We have also assessed the impact of 201803-01 to our operations. We have compensating controls in place for 201803-01 and will work to implement the patch in the coming days. We will continue to monitor the situation.
Customers of Cirrus Identity may contact support@cirrusidentity.com with specific questions or concerns.
Mark Rank - Director of Product and Customer Success