Lucene search

[email protected]CVE-2015-0277

HistoryAug 17, 2015 - 8:59 p.m.

CVE-2015-0277

2015-08-1720:59:00

CWE-284

[email protected]

web.nvd.nist.gov

picketlink

remote attackers

saml assertion

cve-2015-0277

7.4 High

AI Score

Confidence

High

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.9%

JSON

The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to other users’ accounts via a crafted SAML assertion. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6254 for lack of validation for the Destination attribute in a Response element in a SAML assertion.

CPENameOperatorVersion
picketlink:picketlinkpicketlinkle2.6.0

CPE	Name	Operator	Version
picketlink:picketlink	picketlink	le	2.6.0

References

rhn.redhat.com/errata/RHSA-2015-0846.html

rhn.redhat.com/errata/RHSA-2015-0847.html

rhn.redhat.com/errata/RHSA-2015-0848.html

rhn.redhat.com/errata/RHSA-2015-0849.html

bugzilla.redhat.com/show_bug.cgi?id=1194832

issues.jboss.org/browse/PLINK-678

7.4 High

AI Score

Confidence

High

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for CVE-2015-0277

prion2 cve1 nessus3 redhat3