CVE-2015-5253

2015-11-18T11:59:00
ID CVE-2015-5253
Type cve
Reporter NVD
Modified 2016-12-02T22:10:51

Description

The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."