16 matches found

Github Security Blog
added 2025/02/27 6:27 p.m., 13 views

Rancher's SAML-based login via CLI can be denied by unauthenticated users

Impact A vulnerability has been identified within Rancher where it is possible for an unauthenticated user to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This effectively prevents users from logging in via the CLI when using rancher token as t...

CVSS 5.3 | AI score 6.8 | EPSS 0.00175
Exploits: 0 | References: 15 | Affected software: 1
NVD
added 2023/06/22 7:15 p.m., 8 views

CVE-2023-34923

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation...

CVSS 8.1 | AI score 8.1 | EPSS 0.00364
Exploits: 1 | References: 2
CVE
added 2023/06/22 12:00 a.m., 38 views

CVE-2023-34923

TOPdesk CVE-2023-34923 involves XML Signature Wrapping (XSW) in the SAML-based SSO of TOPdesk v12.10.12. The vulnerability affects the SAML Response handling and, per the description, allows attackers with valid credentials to authenticate with the Identity Provider and impersonate any TOPdesk us...

CVSS 8.1 | AI score 7.9 | EPSS 0.00364
Exploits: 1 | References: 2 | Affected software: 1
Vulnrichment
added 2023/06/22 12:00 a.m., 8 views

CVE-2023-34923

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation...

AI score 7.1 | EPSS 0.00364
Exploits: 1 | References: 2
Cvelist
added 2023/06/22 12:00 a.m., 12 views

CVE-2023-34923

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation...

AI score 8.2 | EPSS 0.00364
Exploits: 1 | References: 2
F5 Networks
added 2023/02/21 6:07 p.m., 22 views

K05715414: Apache CloudStack vulnerability CVE-2016-3085

Security Advisory Description: Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the...

CVSS 6.5 | AI score 6.6 | EPSS 0.0027
Exploits: 0
Saint
added 2023/02/17 12:00 a.m., 223 views

Zoho ManageEngine ServiceDesk Plus SAMLResponse command execution

Added: 02/17/2023. Background: Zoho ManageEngine ServiceDesk Plus is IT helpdesk software. Problem: A vulnerability in an outdated Apache Santuario library in ServiceDesk Plus allows a remote, unauthenticated attacker to execute arbitrary commands by sending a specially crafted SAMLResponse paramete...

CVSS 9.8 | AI score 10 | EPSS 0.94378
Exploits: 15
0day.today
added 2023/02/13 12:00 a.m., 327 views

Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP versions 10.1.2228.10 and below (CVE-2022-47966). Due to a dependency on an outdated library, Apache Santuario version 1.4.1, it is possible to execute...

CVSS 9.8 | AI score 9.9 | EPSS 0.94378
Exploits: 15
0day.today
added 2023/02/07 12:00 a.m., 386 views

Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine ServiceDesk Plus versions 14003 and below (CVE-2022-47966). Due to a dependency on an outdated library, Apache Santuario version 1.4.1, it is possible to execute arbitrary code by...

CVSS 9.8 | AI score 10 | EPSS 0.94378
Exploits: 15
Rapid7 Blog
added 2023/01/19 5:46 p.m., 55 views

CVE-2022-47966: Rapid7 Observed Exploitation of Critical ManageEngine Vulnerability

Emergent threats evolve quickly, and as we learn more about this vulnerability, this blog post will evolve, too. Rapid7 is responding to various compromises arising from the exploitation of CVE-2022-47966, a pre-authentication remote code execution (RCE) vulnerability impacting at least 24 on-premi...

EPSS 0.94378
Exploits: 15
Hive Pro Threat Advisories
added 2023/01/17 9:59 a.m., 60 views

A Critical Vulnerability That Affects ManageEngine Products

Threat Level: Vulnerability Report. For a detailed threat advisory, download the PDF file here. Summary: A critical vulnerability in several ManageEngine products allows for remote code execution (RCE) without authentication. This vulnerability is tracked as CVE-2022-47966 and is caused by an outdated...

AI score 3.5 | EPSS 0.94378
Exploits: 15
Prion
added 2018/03/08 4:29 p.m., 16 views

Spoofing

An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a differe...

CVSS 4.6 | AI score 5.4 | EPSS 0.00061
Exploits: 0 | References: 6 | Affected software: 2
Cvelist
added 2018/03/08 4:00 p.m., 15 views

CVE-2018-1443

An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2. This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a differe...

CVSS 5.9 | AI score 5.4 | EPSS 0.00061
Exploits: 0 | References: 6
NVD
added 2016/06/10 3:59 p.m., 11 views

CVE-2016-3085

Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin...

CVSS 6.5 | AI score 6.6 | EPSS 0.0027
Exploits: 0 | References: 2
OpenVAS
added 2012/05/31 12:00 a.m., 25 views

Debian: Security Advisory (DSA-2467-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.8 | EPSS 0.00331
Exploits: 0 | References: 3
Debian
added 2012/05/09 5:47 p.m., 26 views

[SECURITY] [DSA 2467-1] mahara security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2467-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 09, 2012 http://www.debian.org/security/faq -...

AI score 6.9
Exploits: 0