Lucene search
HistoryNov 17, 2015 - 3:59 p.m.
CVE-2015-5217
cve-2015-5217
ipsilon
identity provider
saml2
denial of service
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
5.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.3%
providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name.
Affected configurations
Node
ipsilon_projectipsilonMatch0.1.0
ORipsilon_projectipsilonMatch0.3.0
ORipsilon_projectipsilonMatch0.4.0
ORipsilon_projectipsilonMatch0.5.0
ORipsilon_projectipsilonMatch0.6.0
ORipsilon_projectipsilonMatch1.0.0
Related
prion
prion
Code injection
2015-11-17 15:59:00
cvelist
cvelist
CVE-2015-5217
2015-11-17 15:00:00
nvd
nvd
CVE-2015-5217
2015-11-17 15:59:01
nessus
nessus
Fedora 23 : ipsilon-1.0.0-5.fc23 (2015-13919)
2015-11-02 00:00:00
Fedora 23 : ipsilon-1.1.1-2.fc23 (2015-15291)
2015-11-09 00:00:00
Fedora 22 : ipsilon-1.1.1-2.fc22 (2015-15292)
2015-11-09 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: ipsilon-1.0.0-5.fc23
2015-11-01 03:39:07
[SECURITY] Fedora 22 Update: ipsilon-1.1.1-2.fc22
2015-11-08 09:51:46
[SECURITY] Fedora 23 Update: ipsilon-1.1.1-2.fc23
2015-11-08 06:57:01
openvas
openvas
Fedora Update for ipsilon FEDORA-2015-15292
2015-11-09 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
5.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.3%
Related for CVE-2015-5217