Lucene search
K

146 matches found

CNNVD
CNNVD
added 2021/08/11 12:0 a.m.5 views

Palo Alto Networks PAN-OS 授权问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in the Palo Alto Networks PAN-OS software that allows a SAML-authenticated attacker to impersonate any other user in the GlobalProtect portal and...

6.8CVSS6.6AI score0.01116EPSS
Exploits0References4
OSV
OSV
added 2021/08/05 9:15 p.m.5 views

CVE-2021-22920

A vulnerability has been discovered in Citrix ADC formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway, and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a...

6.5CVSS6.5AI score0.00918EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.6 views

The vulnerability of FortiWeb web applications’ network firewalls arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This vulnerability allows attackers to execute arbitrary commands.

The vulnerability of FortiWeb web applications’ network firewalls exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, using the SAML serve...

9CVSS8.3AI score0.7727EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2021/02/10 6:15 p.m.5 views

CVE-2021-3033

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute console as any authorized use...

9.8CVSS7.3AI score0.01211EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/04 12:0 a.m.1 views

Rocket.Chat Authorization Issues Vulnerability

Rocket.Chat is an open source team chat software. A security vulnerability exists in Rocket.Chat that stems from incorrectly handling SAML logins. No details of the vulnerability are provided at this time...

9.8CVSS6.9AI score0.01613EPSS
Exploits0References1
OSV
OSV
added 2020/12/21 7:15 p.m.5 views

CVE-2020-35604

An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used...

9.8CVSS7.3AI score0.01631EPSS
Exploits1References1
OSV
OSV
added 2020/10/16 9:15 p.m.5 views

CVE-2020-1677

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...

7.2CVSS5.8AI score0.0042EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 9:15 p.m.5 views

CVE-2020-1675

When Security Assertion Markup Language SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI...

8.3CVSS5.8AI score0.00574EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/08/11 12:0 a.m.7 views

The vulnerability of the Security Assertion Markup Language (SAML) implementation in the PAN-OS operating system allows a perpetrator to increase their privileges.

The vulnerability of the Security Assertion Markup Language SAML implementation in the PAN-OS operating system is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely, provided that the SAM...

10CVSS7.7AI score0.04362EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2019/09/20 1:10 p.m.3 views

Insecure Randomness

Overview org.pac4j:pac4j-saml is an is PAC4J package for the SAML Protocol. Affected versions of this package are vulnerable to Insecure Randomness. A insecure source of randomness is used to generate all of its random values as it relies upon apache commons lang3 RandomStringUtils. This SAML...

4.9CVSS7AI score0.0113EPSS
Exploits0References2
OSV
OSV
added 2019/06/20 7:15 p.m.5 views

CVE-2018-15913

An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As a result, the user could be...

6.1CVSS5.5AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.7 views

The vulnerability of the register_hooks() function in the Apache HTTP Server’s web server, related to the possibility of bypassing authentication, allows attackers to circumvent existing access control mechanisms.

The vulnerability of the registerhooks function modauthmellon in the Apache HTTP Server is related to the possibility of bypassing authentication by executing a special SAML ECP. Exploiting this vulnerability allows a malicious actor to circumvent existing access control mechanisms by using...

8.5CVSS7.4AI score0.02969EPSS
Exploits1References4Affected Software2
RedHat Linux
RedHat Linux
added 2019/04/16 2:49 p.m.8 views

mod_auth_mellon: authentication bypass in ECP flow

A vulnerability was found in modauthmellon. If Apache is configured as a reverse proxy and modauthmellon is configured to only let through authenticated users with the require valid-user directive, adding special HTTP headers that are normally used to start the special SAML ECP non-browser based...

8.1CVSS5.7AI score0.02969EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2018/11/13 6:20 p.m.5 views

keycloak: auth permitted with expired certs in SAML client

It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks...

5.5CVSS5.8AI score0.00352EPSS
Exploits0References4
OSV
OSV
added 2018/09/13 2:29 p.m.3 views

CVE-2018-5549

On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements...

7.5CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/04/18 12:0 a.m.5 views

PT-2018-1772 · Cisco · Cisco Ftd +2

Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client, Cisco Adaptive Security Appliance ASA Software, and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the implementation of Security Assertion...

6.5CVSS6.6AI score0.03577EPSS
Exploits0References8
CNVD
CNVD
added 2018/03/06 12:0 a.m.4 views

SimpleSAMLphp Incorrect Signature Validation Vulnerability

SimpleSAMLphp is a set of PHP authentication applications that implement the SAML 2.0 Service Provider and Identity Provider functionality. the SAML2 library is one of the Security Assertion Markup Language libraries . A security vulnerability exists in the HTTPRedirect.php file of the SAML2...

8.1CVSS7AI score0.01221EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/11/14 8:51 p.m.3 views

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

6.5CVSS6.6AI score0.02457EPSS
Exploits0References4
OSV
OSV
added 2017/11/02 3:29 p.m.4 views

CVE-2017-10873

OpenAM Open Source Edition allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM Open Source Edition implementations configured as SAML 2.0IdP, and switches authentication methods based on AuthnContext...

8.1CVSS5.8AI score0.02625EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/09/26 5:58 p.m.4 views

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

6.5CVSS6.6AI score0.02457EPSS
Exploits0References4
Rows per page
Query Builder