Authentication flaw
IBM Tivoli Federated Identity Manager TFIM and Tivoli Federated Identity Manager Business Gateway TFIMBG 6.1.1, 6.2.0, and 6.2.1 do not properly handle signature validations based on SAML 1.0, 1.1, and 2.0, which allows remote attackers to bypass intended authentication or authorization...