Lucene search

K

RedhatCVELIST:CVE-2015-5217

HistoryNov 17, 2015 - 3:00 p.m.

CVE-2015-5217

2015-11-1715:00:00

redhat

www.cve.org

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.2%

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name.

References

www.openwall.com/lists/oss-security/2015/10/27/8

bugzilla.redhat.com/show_bug.cgi?id=1255172

fedorahosted.org/ipsilon/wiki/Releases/v1.0.1

pagure.io/ipsilon/826e6339441546f596320f3d73304ab5f7c10de6

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.2%

Related for CVELIST:CVE-2015-5217

nvd1 prion1 cve1 fedora3 nessus3 openvas1