CVE-2009-5083

2011-08-12T17:55:00
ID CVE-2009-5083
Type cve
Reporter cve@mitre.org
Modified 2011-08-12T17:55:00

Description

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors.