CVE-2025-64099 Overview
CVE-2025-64099 is a claims parameter injection vulnerability in Open Identity Platform's Open Access Management (OpenAM), an open-source access management solution. The flaw affects all versions prior to 16.0.0 when the claims_parameter_supported configuration option is enabled. Attackers can abuse the oidc-claims-extension.groovy script to inject arbitrary values into claims returned in id_token or user_info responses. This enables identity spoofing against any relying party that trusts OpenID Connect claim values such as email for user identification. The vendor released version 16.0.0 to remediate the issue.
Critical Impact
Unauthenticated attackers can inject arbitrary claim values into OpenID Connect tokens and impersonate any user against downstream clients that rely on those claims for identity.
Affected Products
- Open Identity Platform OpenAM versions prior to 16.0.0
- OpenAM deployments with claims_parameter_supported enabled
- OpenID Connect relying parties consuming OpenAM-issued id_token or user_info claims
Discovery Timeline
- 2025-11-12 - CVE-2025-64099 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2025-64099
Vulnerability Analysis
The vulnerability is classified as [CWE-74] Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection). It resides in OpenAM's OpenID Connect authorize flow when claims_parameter_supported is activated.
The OpenID Connect specification permits clients to request specific claims by passing a JSON claims parameter to the authorize endpoint. In vulnerable OpenAM versions, the oidc-claims-extension.groovy script processes this JSON without enforcing constraints on the values returned. An attacker can supply attacker-controlled values that overwrite the claims contained in the issued id_token and user_info responses.
Downstream applications that map a claim such as email or sub to an internal user identity will accept the forged value. The result is full impersonation of the targeted account at any client that trusts OpenAM as its identity provider.
Root Cause
The Groovy claims extension script merges client-supplied claim values from the authorize request into the issued tokens without distinguishing between identity-provider-asserted values and request-supplied values. The trust boundary between the relying party request and the identity provider's own user store is not enforced.
Attack Vector
The attack is network-reachable and requires neither authentication nor user interaction. An attacker initiates an OpenID Connect authorization request to a vulnerable OpenAM instance. The request includes a claims parameter containing a JSON object that specifies the desired values for claims such as email, preferred_username, or sub. OpenAM returns an id_token and user_info response containing the attacker-chosen values. The attacker presents these tokens to any client that derives user identity from the manipulated claim. See the GitHub Security Advisory for the vendor description.
Detection Methods for CVE-2025-64099
Indicators of Compromise
- Authorize requests to OpenAM containing a claims query parameter with explicit value fields for sensitive claims such as email, sub, or preferred_username
- Issued id_token payloads where claim values do not match the authenticated user's profile in the OpenAM identity store
- Application logs showing successful logins for accounts that did not authenticate directly against OpenAM during the corresponding session
- Multiple sessions for distinct downstream identities tied to the same upstream OpenAM authentication event
Detection Strategies
- Parse OpenAM access logs for /oauth2/authorize requests containing the claims= parameter and decode the embedded JSON for inspection
- Compare claim values in issued tokens against the authoritative user directory and alert on mismatches
- Inventory all OpenAM realms and check whether claims_parameter_supported is set to true in OIDC provider configuration
Monitoring Recommendations
- Forward OpenAM authentication, authorization, and token issuance events to a centralized log platform for correlation with downstream application sign-in events
- Monitor for anomalous spikes in authorize requests containing the claims parameter from a single source IP or client_id
- Alert when issued id_token claims diverge from the subject's stored attributes in the user directory
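The two checks above (decode the claims parameter from /oauth2/authorize requests and flag explicit value assertions on sensitive claims; compare issued id_token claims against the user directory) as a worked example. This is added code, not part of OpenAM or the advisory; the access-log layout, the sample log lines, the unsigned sample token and the directory record are all constructed for the example, and LOG_RE must be adapted to the real log format.

```python
"""Detection helpers for claims-parameter injection (CVE-2025-64099).

Added example, not OpenAM code. Log layout, sample log lines, sample token and
directory record are constructed; adapt LOG_RE to your own access-log format.
"""
import base64
import json
import re
from urllib.parse import parse_qs, urlsplit

# Claims relying parties commonly use for identity decisions (advisory IoC list).
SENSITIVE_CLAIMS = ("sub", "email", "preferred_username")

# Constructed log layout: "<timestamp> <client_ip> <method> <path?query> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<method>[A-Z]+) (?P<target>\S+) (?P<status>\d{3})$"
)


def parse_claims_parameter(target):
    """Decode the JSON 'claims' query parameter of an /oauth2/authorize request.
    None = not an authorize request or no claims parameter; a marker dict when
    the JSON does not parse (still worth an alert)."""
    parts = urlsplit(target)
    if not parts.path.endswith("/oauth2/authorize"):
        return None
    raw = parse_qs(parts.query).get("claims")   # parse_qs percent-decodes
    if not raw:
        return None
    try:
        return json.loads(raw[0])
    except ValueError:
        return {"_unparseable": raw[0]}


def requested_value_assertions(claims, sensitive=SENSITIVE_CLAIMS):
    """(container, claim, asserted_value) for sensitive claims whose request entry
    carries an explicit 'value'/'values'. Asking for a claim ({"email": null} or
    {"email": {"essential": true}}) is normal OIDC; dictating its value is the
    pattern this CVE abuses."""
    hits = []
    for container in ("id_token", "userinfo"):       # member names per OIDC Core 5.5
        for claim, spec in (claims.get(container) or {}).items():
            if claim in sensitive and isinstance(spec, dict):
                asserted = spec.get("value", spec.get("values"))
                if asserted is not None:
                    hits.append((container, claim, asserted))
    return hits


def scan_access_log(lines):
    """One finding per authorize request that asserts sensitive claim values."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        claims = parse_claims_parameter(m["target"])
        if claims is None:
            continue
        hits = requested_value_assertions(claims)
        if hits or "_unparseable" in claims:
            findings.append({"ts": m["ts"], "ip": m["ip"], "assertions": hits})
    return findings


def decode_jwt_payload(token):
    """Decode a compact JWT payload for inspection only (no signature check here)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)            # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def claim_mismatches(token_claims, directory_record, claims_to_check=SENSITIVE_CLAIMS):
    """claim -> (token_value, directory_value) for checked claims present in the
    token whose value differs from the authoritative directory record."""
    return {
        c: (token_claims[c], directory_record.get(c))
        for c in claims_to_check
        if c in token_claims and token_claims[c] != directory_record.get(c)
    }


def _b64url_json(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).decode().rstrip("=")


# --- constructed sample data -------------------------------------------------
SAMPLE_LOG = [
    # benign: requests email as an essential claim, asserts no value
    "2025-11-12T10:00:01Z 203.0.113.7 GET /oauth2/authorize?response_type=code"
    "&client_id=app1&scope=openid%20email&claims=%7B%22id_token%22%3A%7B%22email"
    "%22%3A%7B%22essential%22%3Atrue%7D%7D%7D 302",
    # suspicious: dictates the value the email claim must carry
    "2025-11-12T10:00:05Z 203.0.113.9 GET /oauth2/authorize?response_type=code"
    "&client_id=app1&scope=openid%20email&claims=%7B%22id_token%22%3A%7B%22email"
    "%22%3A%7B%22value%22%3A%22admin%40example.com%22%7D%7D%7D 302",
    "2025-11-12T10:00:07Z 203.0.113.9 POST /oauth2/access_token 200",
]
# Constructed, unsigned token standing in for an id_token issued for 'alice'.
SAMPLE_ID_TOKEN = ".".join([
    _b64url_json({"alg": "none"}),
    _b64url_json({"sub": "alice", "email": "admin@example.com"}),
    "",
])
# Authoritative record for 'alice' in the user directory (constructed).
DIRECTORY = {"alice": {"sub": "alice", "email": "alice@example.com",
                       "preferred_username": "alice"}}

if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print("authorize request asserting claim values:", f)
    claims = decode_jwt_payload(SAMPLE_ID_TOKEN)
    print("token/directory mismatches:", claim_mismatches(claims, DIRECTORY[claims["sub"]]))
```

The log scan deliberately does not alert on every claims parameter, only on entries that dictate a value for a sensitive claim, so legitimate clients that use the parameter to mark claims essential do not generate noise. The token check is meant to run on the provider side or in a log pipeline where the subject's directory record is available; it inspects the payload only, so signature verification still belongs wherever the token is actually consumed.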
How to Mitigate CVE-2025-64099
Immediate Actions Required
- Upgrade Open Identity Platform OpenAM to version 16.0.0 or later, which contains the vendor fix
- If immediate upgrade is not possible, disable claims_parameter_supported in the OIDC provider configuration for every affected realm
- Audit downstream relying parties to identify which applications rely on OpenAM claims such as email or sub for identity decisions
- Invalidate active OAuth and OIDC sessions issued by vulnerable OpenAM instances after remediation
Patch Information
Open Identity Platform released OpenAM version 16.0.0, which corrects the claims handling logic in oidc-claims-extension.groovy. Patch details and source changes are documented in the GitHub Security Advisory GHSA-39hr-239p-fhqc.
Workarounds
- Set claims_parameter_supported to false in the OIDC provider configuration until the upgrade is applied
- Modify the oidc-claims-extension.groovy script to ignore request-supplied claim values and source all identity claims from the authoritative user profile
- Configure relying parties to validate critical claims against an out-of-band source rather than trusting OpenAM-issued values directly
# Disable the claims parameter on the OIDC provider in OpenAM
# (apply per realm via the OpenAM admin console or ssoadm). Note that
# set-attr-defs changes the global service defaults and takes no realm
# option; the realm-scoped command is set-realm-svc-attrs.
ssoadm set-realm-svc-attrs \
  -u amadmin \
  -f /path/to/amadmin-password-file \
  -e <realm> \
  -s OAuth2Provider \
  -a claims_parameter_supported=false
# Confirm the exact attribute key used by your OpenAM version first:
#   ssoadm get-realm-svc-attrs -u amadmin -f /path/to/amadmin-password-file -e <realm> -s OAuth2Provider
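The root-cause passage above (the claims script merges request-supplied values into the token) and the second workaround (make the script ignore request-supplied values and source every claim from the user profile) describe the same logic from two sides. The following is an added example that models both in Python; it is not OpenAM's oidc-claims-extension.groovy and is not the vendor fix. SCOPE_CLAIMS, the user profile and the request are constructed for the example, and the request's container is the id_token member of the OIDC claims parameter.

```python
"""Claim resolution: the flawed merge beside a hardened one (added example,
not OpenAM's Groovy script). user_profile = the identity provider's own record
for the authenticated user; requested_claims = the parsed 'claims' parameter."""

# Standard scopes and the claims they unlock (subset of OIDC Core 5.4).
SCOPE_CLAIMS = {
    "profile": ("name", "preferred_username"),
    "email": ("email", "email_verified"),
}


def _scope_claims(user_profile, scopes):
    claims = {"sub": user_profile["sub"]}
    for scope in scopes:
        for name in SCOPE_CLAIMS.get(scope, ()):
            if name in user_profile:
                claims[name] = user_profile[name]
    return claims


def resolve_claims_vulnerable(user_profile, scopes, requested_claims):
    """Model of the flaw: a request entry with 'value'/'values' is copied into
    the token, so the relying party's request overwrites the identity store."""
    claims = _scope_claims(user_profile, scopes)
    for name, spec in (requested_claims.get("id_token") or {}).items():
        if isinstance(spec, dict) and "value" in spec:
            claims[name] = spec["value"]            # trust boundary crossed here
        elif isinstance(spec, dict) and "values" in spec:
            claims[name] = spec["values"][0]        # and here
        elif name in user_profile:
            claims[name] = user_profile[name]
    return claims


def resolve_claims_hardened(user_profile, scopes, requested_claims):
    """The claims parameter only selects WHICH claims to include. Every value
    comes from the identity store; 'value'/'values' act as a filter, so a claim
    whose stored value does not satisfy it is omitted, never replaced."""
    claims = _scope_claims(user_profile, scopes)
    for name, spec in (requested_claims.get("id_token") or {}).items():
        if name == "sub" or name not in user_profile:
            continue                                # sub is fixed; unknown claims omitted
        stored = user_profile[name]
        if isinstance(spec, dict):
            wanted = spec.get("values", [spec["value"]] if "value" in spec else None)
            if wanted is not None and stored not in wanted:
                continue                            # store disagrees: omit, do not forge
        claims[name] = stored
    return claims


# --- constructed sample data -------------------------------------------------
USER = {"sub": "alice", "email": "alice@example.com",
        "preferred_username": "alice", "name": "Alice"}
# A request that dictates values for email and sub (the pattern the CVE abuses).
FORGING_REQUEST = {"id_token": {"email": {"value": "admin@example.com"},
                                "sub": {"value": "admin"}}}
# A request that merely selects an extra claim without asserting a value.
SELECTING_REQUEST = {"id_token": {"preferred_username": None}}

if __name__ == "__main__":
    print("vulnerable:", resolve_claims_vulnerable(USER, ["openid", "email"], FORGING_REQUEST))
    print("hardened:  ", resolve_claims_hardened(USER, ["openid", "email"], FORGING_REQUEST))
    print("selecting: ", resolve_claims_hardened(USER, ["openid"], SELECTING_REQUEST))
```

With FORGING_REQUEST the vulnerable resolver returns sub=admin and email=admin@example.com although the authenticated user is alice; the hardened resolver returns alice's stored values unchanged. With SELECTING_REQUEST the hardened resolver still honours the parameter's legitimate purpose and adds preferred_username from the profile, which is the behaviour to preserve when editing the real script.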
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.