2 matches found
CVE-2019-13496
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response...
One Identity Defender 5.9.3 Insecure Cryptographic Storage
Title: One Identity Defender - Insecure Cryptographic Storage Date: 01 September 2019 Affected Software: ================== One Identity Defender 5.9.3 Other versions are likely also vulnerable. Insecure Cryptographic Storage: ============================== Defender stores token seeds, PAP secret...