Lucene search
K

6 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2024-55648

The silent Just-In-Time JIT provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users wi...

4.8CVSS5.9AI score
Exploits0References1
CVE
CVE
added yesterday7 views

CVE-2024-1248

The CVE-2024-1248 entry describes a vulnerability in federated authentication that uses silent JIT provisioning. When a federated user shares a username with a local user, the provisioning process can overwrite the local user’s existing roles with roles from the federated IDP, effectively enablin...

4.8CVSS5.9AI score
Exploits0References1
OSV
OSV
added 2026/02/24 9:16 a.m.4 views

CVE-2024-1524

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

8.1CVSS5.7AI score0.00261EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 9:16 a.m.8 views

CVE-2024-1524

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

8.1CVSS0.00261EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/24 8:51 a.m.5 views

CVE-2024-1524

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

7.7CVSS5.3AI score0.00261EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/02/24 8:51 a.m.5 views

CVE-2024-1524 A local user can be impersonated when using federated authentication with Silent JIT Provisioning.

When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP there is a risk that a local user store user's information may be replaced during the account provisioning process in cases where federated users share the same username as local users. There will...

7.7CVSS5.2AI score0.00261EPSS
Exploits0References1
Rows per page
Query Builder