Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-18659

Malware in sbrugna...

6.5CVSS6.5AI score0.00777EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.9 views

CVE-2020-26029

An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header...

6.5CVSS7AI score0.00777EPSS
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/11/22 6:0 p.m.27 views

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their...

7.3AI score
Exploits0
NVD
NVD
added 2020/12/28 8:15 a.m.19 views

CVE-2020-26029

An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header...

6.5CVSS6.5AI score0.00777EPSS
Exploits0References1
NVD
NVD
added 2019/08/14 9:15 p.m.41 views

CVE-2019-1258

An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker can exploit this...

8.8CVSS8.6AI score0.03799EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2019/08/14 7:0 a.m.31 views

Azure Active Directory Authentication Library Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker can exploit this...

8.8CVSS4.5AI score0.03799EPSS
Exploits0
CNVD
CNVD
added 2019/08/14 12:0 a.m.2 views

Microsoft Azure Active Directory Authentication Library Elevation of Privilege Vulnerability

Microsoft Azure Active Directory Authentication Library is an authentication library from Microsoft Corporation USA. This product allows client applications to authenticate users. An elevation of privilege vulnerability exists in On-Behalf-Of flow in the Azure Active Directory Authentication...

8.8CVSS7.3AI score0.03799EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/13 12:0 a.m.6 views

PT-2019-3054 · Microsoft · Azure Active Directory Authentication Library

Name of the Vulnerable Software and Affected Versions: Azure Active Directory Authentication Library affected versions not specified Description: The issue is related to insecure privilege management in the Azure Active Directory Authentication Library, specifically in the On-Behalf-Of flow, wher...

9CVSS6.7AI score0.03799EPSS
Exploits0References7
Rows per page
Query Builder