146 matches found
Palo Alto Networks PAN-OS 授权问题漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in the Palo Alto Networks PAN-OS software that allows a SAML-authenticated attacker to impersonate any other user in the GlobalProtect portal and...
CVE-2021-22920
A vulnerability has been discovered in Citrix ADC formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway, and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to a phishing attack through a...
The vulnerability of FortiWeb web applications’ network firewalls arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This vulnerability allows attackers to execute arbitrary commands.
The vulnerability of FortiWeb web applications’ network firewalls exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely, using the SAML serve...
CVE-2021-3033
An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute console as any authorized use...
Rocket.Chat Authorization Issues Vulnerability
Rocket.Chat is an open source team chat software. A security vulnerability exists in Rocket.Chat that stems from incorrectly handling SAML logins. No details of the vulnerability are provided at this time...
CVE-2020-35604
An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used...
CVE-2020-1677
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...
CVE-2020-1675
When Security Assertion Markup Language SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data. This issue affects all Juniper Networks Mist Cloud UI...
The vulnerability of the Security Assertion Markup Language (SAML) implementation in the PAN-OS operating system allows a perpetrator to increase their privileges.
The vulnerability of the Security Assertion Markup Language SAML implementation in the PAN-OS operating system is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely, provided that the SAM...
Insecure Randomness
Overview org.pac4j:pac4j-saml is an is PAC4J package for the SAML Protocol. Affected versions of this package are vulnerable to Insecure Randomness. A insecure source of randomness is used to generate all of its random values as it relies upon apache commons lang3 RandomStringUtils. This SAML...
CVE-2018-15913
An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As a result, the user could be...
The vulnerability of the register_hooks() function in the Apache HTTP Server’s web server, related to the possibility of bypassing authentication, allows attackers to circumvent existing access control mechanisms.
The vulnerability of the registerhooks function modauthmellon in the Apache HTTP Server is related to the possibility of bypassing authentication by executing a special SAML ECP. Exploiting this vulnerability allows a malicious actor to circumvent existing access control mechanisms by using...
mod_auth_mellon: authentication bypass in ECP flow
A vulnerability was found in modauthmellon. If Apache is configured as a reverse proxy and modauthmellon is configured to only let through authenticated users with the require valid-user directive, adding special HTTP headers that are normally used to start the special SAML ECP non-browser based...
keycloak: auth permitted with expired certs in SAML client
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks...
CVE-2018-5549
On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements...
PT-2018-1772 · Cisco · Cisco Ftd +2
Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client, Cisco Adaptive Security Appliance ASA Software, and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the implementation of Security Assertion...
SimpleSAMLphp Incorrect Signature Validation Vulnerability
SimpleSAMLphp is a set of PHP authentication applications that implement the SAML 2.0 Service Provider and Identity Provider functionality. the SAML2 library is one of the Security Assertion Markup Language libraries . A security vulnerability exists in the HTTPRedirect.php file of the SAML2...
keycloak: SAML request parser replaces special strings with system properties
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...
CVE-2017-10873
OpenAM Open Source Edition allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM Open Source Edition implementations configured as SAML 2.0IdP, and switches authentication methods based on AuthnContext...
keycloak: SAML request parser replaces special strings with system properties
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...