CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
82.1%
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a “SAML2 multi-session vulnerability.”
rhn.redhat.com/errata/RHSA-2016-2809.html
www.securityfocus.com/bid/94439
access.redhat.com/errata/RHSA-2016:2809
access.redhat.com/security/cve/CVE-2016-8638
bugzilla.redhat.com/show_bug.cgi?id=1392829
bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8638
github.com/advisories/GHSA-376m-3rm2-9jm6
github.com/ipsilon-project/ipsilon/commit/1c48414877fc110652b6078a29529972c7ec9122
github.com/ipsilon-project/ipsilon/commit/64fc366c054fc6af1d9d2692902db169884b5f78
github.com/ipsilon-project/ipsilon/commit/a33303b6beb5c316d7c18b23566b7666a4e307a4
github.com/ipsilon-project/ipsilon/commit/b4744a92d4fa7f6d7ade0ae2d99a2dc0ea94734d
ipsilon-project.org/advisory/CVE-2016-8638.txt
ipsilon-project.org/release/2.1.0.html
nvd.nist.gov/vuln/detail/CVE-2016-8638
pagure.io/ipsilon/c/511fa8b7001c2f9a42301aa1d4b85aaf170a461c
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
82.1%