Lucene search

CVE-2020-12676

🗓️ 02 Oct 2020 20:12:15Reported by [email protected]Type

FusionAuth 0.2.3 allows Signature exclusion attac

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
0day.today	FusionAuth SAML v 2 0.2.3 Message Forging Vulnerability	3 Oct 202000:00	–	zdt
Cvelist	CVE-2020-12676	2 Oct 202019:40	–	cvelist
CVE	CVE-2020-12676	2 Oct 202020:15	–	cve
Packet Storm	FusionAuth-SAMLv2 0.2.3 Message Forging	2 Oct 202000:00	–	packetstorm
Prion	Authentication flaw	2 Oct 202020:15	–	prion
RedhatCVE	CVE-2020-12676	22 May 202517:50	–	redhatcve

Nvd

Node

fusionauth samlv2Match0.2.3

Source	Link
github	www.github.com/SAMLRaider/SAMLRaider
compass-security	www.compass-security.com/fileadmin/Research/Advisories/2020-06_CSNC-2020-002_FusionAuth_Signature_Exclusion_Attack.txt
nds	www.nds.ruhr-uni-bochum.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf
seclists	www.seclists.org/fulldisclosure/2020/Oct/1
packetstormsecurity	www.packetstormsecurity.com/files/159454/FusionAuth-SAMLv2-0.2.3-Message-Forging.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Oct 2020 20:15Current

CVSS26.4

CVSS39.1

EPSS0.00532

CWE-347