BugZero | ServiceNow BugID PRB1558447 - IDP-initiated Single Logout fails when Session Ind...

ServiceNow - Defect ID: PRB1558447

IDP-initiated Single Logout fails when Session Index is not present in SAML XML Request

ServiceNow - Defect ID: PRB1558447

IDP-initiated Single Logout fails when Session Index is not present in SAML XML Request

Last updated on December 7th, 2022

BugZero Risk Score
5.8 Medium

Overall: 5.8

Severity: 6.4

Community: 3.7

Lifecycle: 8.2

What is the BugZero Risk Score?

ServiceNow Integration

Learn more about where this data comes from

ServiceNow Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: Sev3
Article Views: 117
Affected Component: Access Controls & Authentication

Description

When performing an IdP-initiated Single Logout and the SessionIndex is not present in the SAML XML Request, the instance will fail to process the request and will go to the "Failed Requirement Redirect" URL. Steps to Reproduce 1) Access your SSO configured instance. 2) Verify the instance redirects you to your SSO to log in. 3) The SSO login will then redirect back to the instance where you should be logged in. 4) From your SSO portal, initiate a logout. A Single Logout request (no SessionIndex) will be sent to the instance.

Workaround

This problem is under review and targeted to be fixed in a future release. To receive notifications when more information becomes available, subscribe to this Known Error article by clicking the Subscribe button at the top right of this form. The workaround consists in modifying the Script Include "SAML2_custom", overriding the function "doLogoutResponse" and bypassing the "this.isOk" IF condition.

Top ServiceNow Defects

9.4Defect ID: PRB1954123
Instance access issues due to Mutual TLS (mTLS) enablement on Zurich instances
8.5Defect ID: PRB1611377
CMDB Baseline creation job causing app node out of memory when a CI has a huge number of records referencing it
8.5Defect ID: PRB1788540
AWS Events Driven discovery is overloading Default Semaphores.
8.5Defect ID: PRB1871576
Data visualization can be accessed by anyone with URL to visualization designer
8.5Defect ID: PRB1928008
Upgrade to Yokohama releases can hang for Haraka enabled instance because of contention on kagami query registrar

Ready to prevent the next vendor outage?

Get a demo

ServiceNow - Defect ID: PRB1558447

IDP-initiated Single Logout fails when Session Index is not present in SAML XML Request

ServiceNow - Defect ID: PRB1558447

IDP-initiated Single Logout fails when Session Index is not present in SAML XML Request

Last updated on December 7th, 2022

BugZero Risk Score
5.8 Medium

Bug Details

Description

Workaround

Related Problem

Links

Top ServiceNow Defects

Ready to prevent the next vendor outage?

ServiceNow - Defect ID: PRB1558447

IDP-initiated Single Logout fails when Session Index is not present in SAML XML Request

ServiceNow - Defect ID: PRB1558447

IDP-initiated Single Logout fails when Session Index is not present in SAML XML Request

Last updated on December 7th, 2022

BugZero Risk Score5.8 Medium

Bug Details

Description

Workaround

Related Problem

Links

Top ServiceNow Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
5.8 Medium