CVE-2025-64099 Overview
CVE-2025-64099 affects Open Access Management (OpenAM), an open-source access management solution maintained by the Open Identity Platform. The vulnerability exists in versions prior to 16.0.0 when the claims_parameter_supported parameter is enabled. Attackers can exploit the oidc-claims-extension.groovy script to inject arbitrary values into claims contained in the id_token or user_info response. This injection enables identity spoofing against any client application that trusts OpenAM-issued claims for user identification. The vulnerability is tracked as CWE-74: Improper Neutralization of Special Elements in Output. Version 16.0.0 resolves the issue.
Critical Impact
Attackers can forge OpenID Connect claims to impersonate arbitrary users, bypassing authentication controls in any downstream client that relies on injected claim values such as email address.
Affected Products
- Open Identity Platform OpenAM versions prior to 16.0.0
- OpenAM deployments with claims_parameter_supported enabled
- OpenID Connect (OIDC) relying parties consuming OpenAM id_token or user_info claims
Discovery Timeline
- 2025-11-12 - CVE-2025-64099 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2025-64099
Vulnerability Analysis
The vulnerability is a claims injection flaw in the OpenID Connect (OIDC) implementation of OpenAM. When claims_parameter_supported is activated, the authorization endpoint accepts a claims parameter containing a JSON document. The oidc-claims-extension.groovy script processes this input without enforcing trust boundaries on the values being asserted.
An attacker submits a crafted claims request parameter to the /authorize endpoint. The Groovy extension propagates attacker-controlled values into the issued id_token and user_info response. Downstream clients receive tokens that appear cryptographically valid and signed by the trusted authorization server.
The impact scales with how relying parties consume claims. Applications that key user accounts on the email claim are particularly exposed. An attacker can assert any email address and assume the identity of the corresponding user inside that application.
Root Cause
The oidc-claims-extension.groovy script lacks input validation and neutralization on values supplied through the OIDC claims request parameter. Attacker-supplied JSON content flows directly into the claim set returned to clients, allowing override of authoritative identity attributes.
Attack Vector
Exploitation requires network access to the OpenAM authorization endpoint and no prior authentication. The attacker constructs an authorization request that includes a claims parameter containing a JSON object specifying the desired override values for id_token or userinfo claims. After completing the authorization flow under their own account, the attacker receives a token containing the injected values and presents it to a vulnerable relying party.
No verified public proof-of-concept is available. Refer to the GitHub Security Advisory GHSA-39hr-239p-fhqc for technical details from the maintainers.
Detection Methods for CVE-2025-64099
Indicators of Compromise
- Authorization requests to /oauth2/authorize containing a claims query parameter with JSON specifying email, sub, preferred_username, or other identity attributes
- id_token issuance events where claim values do not match the authenticated subject in the OpenAM user store
- Application-layer logins where the OIDC sub and email claims map to different OpenAM principals than expected
Detection Strategies
- Inspect OpenAM access logs for HTTP requests containing the claims= parameter and decode embedded JSON for unexpected attribute overrides
- Correlate authentication events in OpenAM against downstream relying party login records to identify identity mismatches
- Enable verbose logging in the oidc-claims-extension.groovy script execution path to capture inbound claim override requests
Monitoring Recommendations
- Alert on any use of the claims request parameter if your deployment does not legitimately require it
- Monitor for spikes in /authorize endpoint traffic from unusual source IP ranges
- Track issued id_token payloads and flag tokens where claim values diverge from the authoritative identity store
How to Mitigate CVE-2025-64099
Immediate Actions Required
- Upgrade OpenAM to version 16.0.0, which contains the fix for this vulnerability
- If immediate upgrade is not possible, disable claims_parameter_supported in the OIDC provider configuration
- Audit all OIDC relying parties that rely on OpenAM-issued claims for user identification, particularly those using email as a primary key
- Review historical authorization logs for prior abuse of the claims request parameter
Patch Information
The Open Identity Platform released OpenAM 16.0.0 to address this vulnerability. The fix is documented in the GitHub Security Advisory GHSA-39hr-239p-fhqc. Administrators should test the upgrade in a staging environment before production rollout due to the major version change.
Workarounds
- Set claims_parameter_supported to false in the OIDC provider advanced configuration to block the injection vector
- Deploy a reverse proxy or web application firewall rule that strips the claims parameter from inbound /authorize requests
- Reconfigure relying parties to identify users by the sub claim verified against OpenAM rather than mutable attributes such as email
- Restrict access to the OpenAM authorization endpoint by network segmentation where feasible
# Disable claims_parameter_supported via ssoadm (workaround)
ssoadm set-attr-defs \
-s OAuth2Provider \
-t organization \
-e / \
-u amadmin \
-f /path/to/passwordfile \
-a forgerock-oauth2-provider-claims-parameter-supported=false
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

