Vulnerability Details CVE-2026-31982
An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who subsequently initiate SAML Single Sign-On, enabling phishing and credential-theft attacks, as well as disrupting SAML authentication for all affected users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 6.2%
CVSS Severity
CVSS v3 Score 7.1
Products affected by CVE-2026-31982
-
cpe:2.3:a:nozominetworks:cmc:22.0.0
-
cpe:2.3:a:nozominetworks:cmc:22.5.2
-
cpe:2.3:a:nozominetworks:cmc:22.6.0
-
cpe:2.3:a:nozominetworks:cmc:22.6.2
-
cpe:2.3:a:nozominetworks:cmc:22.6.3
-
cpe:2.3:a:nozominetworks:cmc:23.0.0
-
cpe:2.3:a:nozominetworks:cmc:23.1.0
-
cpe:2.3:a:nozominetworks:cmc:23.3.0
-
cpe:2.3:a:nozominetworks:cmc:24.2.0
-
cpe:2.3:a:nozominetworks:cmc:25.2.0
-
cpe:2.3:a:nozominetworks:cmc:25.3.0
-
cpe:2.3:a:nozominetworks:guardian:19.0.4
-
cpe:2.3:a:nozominetworks:guardian:22.0.0
-
cpe:2.3:a:nozominetworks:guardian:22.5.2
-
cpe:2.3:a:nozominetworks:guardian:22.6.0
-
cpe:2.3:a:nozominetworks:guardian:22.6.2
-
cpe:2.3:a:nozominetworks:guardian:22.6.3
-
cpe:2.3:a:nozominetworks:guardian:23.0.0
-
cpe:2.3:a:nozominetworks:guardian:23.1.0
-
cpe:2.3:a:nozominetworks:guardian:23.3.0
-
cpe:2.3:a:nozominetworks:guardian:24.2.0
-
cpe:2.3:a:nozominetworks:guardian:25.2.0
-
cpe:2.3:a:nozominetworks:guardian:25.3.0