Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/10/25 6:46 a.m.15 views

Security Bulletin: IBM Sterling Connect:Direct Web Services is uses xmltooling-1.4.4.jar, which contains a vulnerability

Summary IBM Sterling Connect:Direct Web Services uses Shibboleth Identity Provider, which could allow a remote attacker to bypass security restrictions. It's caused by an error in the PKIX trust component. Vulnerability Details CVEID:CVE-2015-1796 DESCRIPTION: Shibboleth Identity Provider could...

4.3CVSS6.4AI score0.01256EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/17 3:38 a.m.6 views

br.com.esec.icpm:certillion-client-library (>=1.1.7 <=1.2.0), br.com.esec.icpm:certillion-client-library-resteasy-plugin (>=1.1.9 <=1.1.10) +870 more potentially affected by CVE-2015-1796 via org.opensaml:opensaml (>=1.1 <=2.6.4)

org.opensaml:opensaml MAVEN version =1.1, =1.1.7, =1.1.9, =1.2.5, =1.2.1, =3.0.0, =12.1.0, =12.1.1, =12.1.2, =12.1.0, =12.1.4, =1.0.83-RC1, =1.0.88-RC1, =1.0.83-RC1, =1.0.112-RELEASE and more Source cves: CVE-2015-1796 Source advisory: OSV:GHSA-78FQ-W796-Q537...

4.3CVSS7.1AI score0.01256EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/25 2:37 p.m.49 views

Security Bulletin: IBM Resilient SOAR is using opensaml-2.6.4.jar that could be vulnerable to bypass security restrictions (CVE-2015-1796)

Summary opensaml-2.6.4.jar vulnerable to CVE-2015-1796, Shibboleth Identity Provider could allow a remote attacker to bypass security restrictions, caused by an error in the PKIX trust component. An attacker could exploit this vulnerability using a certificate issued by the shibmd:KeyAuthority...

4.3CVSS1.3AI score0.01256EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2015/07/08 3:59 p.m.55 views

CVE-2015-1796

The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java OpenSAML-J before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote attackers to impersonate an entity via a certificate issued by a...

4.3CVSS7.1AI score0.01256EPSS
Exploits0References2
CVE
CVE
added 2015/07/08 3:0 p.m.157 views

CVE-2015-1796

The CVE-2015-1796 issue affects Shibboleth Identity Provider (IdP) and OpenSAML Java where PKIX trust engines can trust candidate X.509 credentials if no trusted names exist for the entityID. This allows remote impersonation via a certificate issued by a shibmd:KeyAuthority trust anchor. Affected...

4.3CVSS8.2AI score0.01256EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2015/06/23 4:52 p.m.51 views

Important: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.2.0 update

Red Hat JBoss A-MQ 6.2.0, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...

7.5CVSS6.7AI score0.09149EPSS
Exploits1References8
Rows per page
Query Builder