Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2015-1796
HistoryJul 08, 2015 - 3:00 p.m.

CVE-2015-1796

2015-07-0815:00:00
redhat
www.cve.org
4

AI Score

8.5

Confidence

High

EPSS

0.004

Percentile

72.9%

JSON

The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote attackers to impersonate an entity via a certificate issued by a shibmd:KeyAuthority trust anchor.

Related

osv 1
github 1
ibm 5
prion 1
ubuntucve 1
nvd 1
cve 1
pentestit 1
redhat 2
osv
osv
Improper Certificate Validation in Shibboleth Identity Provider and OpenSAML
2022-05-17 03:38:17
github
github
Improper Certificate Validation in Shibboleth Identity Provider and OpenSAML
2022-05-17 03:38:17
ibm
ibm
Security Bulletin: IBM Resilient SOAR is using opensaml-2.6.4.jar that could be vulnerable to bypass security restrictions (CVE-2015-1796)
2021-02-25 14:37:56
Security Bulletin: IBM Tivoli Netcool Impact is affected by open source vulnerabilities
2018-07-18 09:46:57
Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform 7.1.9 HF2
2024-05-07 19:52:07
prion
prion
Design/Logic Flaw
2015-07-08 15:59:00
ubuntucve
ubuntucve
CVE-2015-1796
2015-07-08 00:00:00
nvd
nvd
CVE-2015-1796
2015-07-08 15:59:02
cve
cve
CVE-2015-1796
2015-07-08 15:59:02
pentestit
pentestit
UPDATE: OWASP Dependency-Check 5.0.0
2019-06-10 06:03:45
redhat
redhat
(RHSA-2015:1177) Important: Red Hat JBoss A-MQ 6.2.0 update
2015-06-23 16:46:14
(RHSA-2015:1176) Important: Red Hat JBoss Fuse 6.2.0 update
2015-06-23 16:46:09

AI Score

8.5

Confidence

High

EPSS

0.004

Percentile

72.9%

JSON
Related for CVELIST:CVE-2015-1796
osv1github1ibm5prion1ubuntucve1nvd1cve1pentestit1redhat2