66 matches found
CVE-2025-25207 Rhcl: authpolicy callbacks result in denial of service in authorino severity
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
CVE-2025-25207 Rhcl: authpolicy callbacks result in denial of service in authorino severity
The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with...
CVE-2021-42000
When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password...
CVE-2020-27951
This issue was addressed with improved checks. This issue is fixed in watchOS 6.3, iOS 12.5, iOS 14.3 and iPadOS 14.3, watchOS 7.2. Unauthorized code execution may lead to an authentication policy violation...
[NetScaler-AAA] The Radius action cannot be performed in nFactor auth
In nFactor auth, the Radius action is the second factor but cannot be performed. nFactor flow is simple and is like below: AAA vServer: DomainRadiusvS Login Schema: DualAuthSchema Authn Policy: DomainLDAPPol Expression: true Action: LDAPAct Next Factor if Success: RadiusPollable Login Schema:...
pam bug fix update
An update is available for pam. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Pluggable Authentication Modules PAM provide a system to set up authentication...
[SECURITY] Fedora 41 Update: pam-1.6.1-7.fc41
PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...
CVE-2023-20247
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid...
CVE-2023-4951 Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen
A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...
[NetScaler] Error "KB Questions and Asnwers not registered" with LDAP KBAttribute
In a SSPR nFactor configuration. You may observe error "KB Questions and Asnwers not registered" when login with LDAP password and can't move to the next AAA factor. Triggers are: The LDAP factor has noschema boundInherits username & password from a previous factor. LDAP action has KBAttribute...
[Citrix Gateway] "Cannot complete your request" error after adding EPA configuration
In Citrix Gateway deployment, You may encounter "Cannot complete your request" error if adding a new EPA policy in AAA vServer. For example, you have the following existing configuration to implement post EPA scan based on group name: add authentication Policy NoAuthGroup01 -rule...
CVE-2022-23722
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password...
CVE-2022-23722
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password...
Authentication flaw
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password...
CVE-2022-23722
PingFederate Password Reset vulnerability (CVE-2022-23722): when the password-reset mechanism uses the Authentication API with an Authentication Policy, email OTP, PingID, or SMS, an existing user can reset another user’s password. The connected sources describe the issue and its impact but do no...
CVE-2022-23722 PingFederate Password Reset via Authentication API Mishandling
When a password reset mechanism is configured to use the Authentication API with an Authentication Policy, email One-Time Password, PingID or SMS authentication, an existing user can reset another existing user’s password...
Ping Identity PingFederate授权问题漏洞
Ping Identity PingFederate is a flagship software-based federation server in the United States. for identity management. Ping Identity PingFederate has a security vulnerability that can be exploited by an existing user to reset the password of another existing user when the password reset mechani...
CVE-2020-36519
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs...
CVE-2021-42000
When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password...
CVE-2021-42000
When a password reset or password change flow with an authentication policy is configured and the adapter in the reset or change policy supports multiple parallel reset flows, an existing user can reset another existing users password...