Lucene search
China National Vulnerability DatabaseCNVD-2022-04989HistoryJan 12, 2022 - 12:00 a.m.
Apache Guacamole authorization issue vulnerability
2022-01-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
21
apache guacamole
saml
validation
EPSS
0.001
Percentile
44.7%
Apache Guacamole is a clientless remote desktop gateway from the Apache Foundation in the United States. The product supports protocols such as VNC, RDP, and SSH. A security vulnerability exists in Apache Guacamole 1.2.0 and 1.3.0, which stems from the failure of Apache Guacamole 1.2.0 and 1.3.0 to properly validate responses received from the SAML identity provider. If SAML support is enabled, this could allow a malicious user to impersonate another Guacamole user. No detailed vulnerability details are currently available.
Related
cve
cve
CVE-2021-43999
2022-01-11 22:15:07
cvelist
cvelist
CVE-2021-43999 Improper validation of SAML responses
2022-01-11 22:10:12
nvd
nvd
CVE-2021-43999
2022-01-11 22:15:07
osv
osv
CVE-2021-43999
2022-01-11 22:15:07
BIT-guacamole-2021-43999
2024-03-06 10:53:24
BIT-guacamole-server-2021-43999
2024-03-06 10:53:22
ubuntucve
ubuntucve
CVE-2021-43999
2022-01-11 00:00:00
prion
prion
Code injection
2022-01-11 22:15:00
veracode
veracode
Information Disclosure
2022-01-12 11:26:42
debiancve
debiancve
CVE-2021-43999
2022-01-11 22:15:00
openvas
openvas
Apache Guacamole < 1.4.0 Multiple Vulnerabilities
2022-01-12 00:00:00