296 matches found

RedHat Linux
added 2018/11/13 6:20 p.m. · 3 views

keycloak: auth permitted with expired certs in SAML client

It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks...

CVSS 5.5 · AI score 5.8 · EPSS 0.00352 · Exploits 0 · References 4
RedHat Linux
added 2018/11/13 6:16 p.m. · 3 views

keycloak: expiration not validated in SAML broker consumer endpoint

The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack...

CVSS 8.1 · AI score 5.8 · EPSS 0.00814 · Exploits 0 · References 4
RedHat Linux
added 2018/11/13 6:16 p.m. · 4 views

keycloak: auth permitted with expired certs in SAML client

It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks...

CVSS 5.5 · AI score 5.8 · EPSS 0.00352 · Exploits 0 · References 4
CNVD
added 2018/10/08 12:00 a.m. · 2 views

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) SAML Authentication Bypass Vulnerability

VMware Workspace ONE Unified Endpoint Management Console is a console product from VMware. A SAML authentication bypass vulnerability exists in the VMware Workspace ONE Unified Endpoint Management Console AirWatch Console, which could allow an attacker to emulate an authorized SAML session if...

CVSS 7.4 · AI score 7.5 · EPSS 0.01089 · Exploits 0 · References 1
RedHat Linux
added 2018/09/24 9:46 p.m. · 1 view

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

CVSS 6.5 · AI score 6.6 · EPSS 0.02457 · Exploits 0 · References 4
OSV
added 2018/09/13 2:29 p.m. · 2 views

CVE-2018-5549

On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements...

CVSS 7.5 · AI score 5.8 · Exploits 0 · References 2
OpenVAS
added 2018/07/09 12:00 a.m. · 20 views

Debian: Security Advisory (DLA-1410-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.1 · AI score 7.2 · EPSS 0.02469 · Exploits 0 · References 3
CNVD
added 2018/07/04 12:00 a.m. · 1 view

IBM WebSphere Application Server Liberty Information Disclosure Vulnerability (CNVD-2018-13472)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications and the foundation of the IBM WebSphere software platform. Liberty is a dynamic server profile for WAS. An information...

CVSS 7.5 · AI score 6 · EPSS 0.02902 · Exploits 0 · References 1
Positive Technologies
added 2018/04/18 12:00 a.m. · 3 views

PT-2018-1772 · Cisco · Cisco Ftd +2

Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client, Cisco Adaptive Security Appliance ASA Software, and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the implementation of Security Assertion...

CVSS 6.5 · AI score 6.6 · EPSS 0.03717 · Exploits 0 · References 8
CNVD
added 2018/03/06 12:00 a.m. · 4 views

SimpleSAMLphp Incorrect Signature Validation Vulnerability

SimpleSAMLphp is a set of PHP authentication applications that implement the SAML 2.0 Service Provider and Identity Provider functionality. The SAML2 library is one of the Security Assertion Markup Language libraries. A security vulnerability exists in the HTTPRedirect.php file of the SAML2...

CVSS 8.1 · AI score 7 · EPSS 0.01221 · Exploits 0 · References 1
Positive Technologies
added 2017/12/23 12:00 a.m. · 2 views

PT-2017-14626 · Auth0 · Passport-Wsfed-Saml2

Name of the Vulnerable Software and Affected Versions: Auth0 passport-wsfed-saml2 versions prior to 3.0.5 Description: A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library, allowing an attacker to impersonate another user and potentially elevate their privileges if the SA...

CVSS 9.3 · AI score 7.9 · EPSS 0.01138 · Exploits 0 · References 9
ThreatPost
added 2017/11/24 10:39 a.m. · 14 views

SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’

Researchers at CyberArk Labs have created a post-intrusion attack technique known as a Golden SAML that could allow an attacker to fake enterprise user identities and forge authentication to gain access to valuable cloud resources in a federation environment. “Using this post-exploit technique,...

AI score 0.9 · Exploits 0 · References 1
RedHat Linux
added 2017/11/14 8:51 p.m. · 1 view

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

CVSS 6.5 · AI score 6.6 · EPSS 0.02457 · Exploits 0 · References 4
RedHat Linux
added 2017/11/14 8:27 p.m. · 2 views

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

CVSS 6.5 · AI score 6.6 · EPSS 0.02457 · Exploits 0 · References 4
OSV
added 2017/11/02 3:29 p.m. · 2 views

CVE-2017-10873

OpenAM Open Source Edition allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM Open Source Edition implementations configured as SAML 2.0 IdP, and switches authentication methods based on AuthnContext...

CVSS 8.1 · AI score 5.8 · EPSS 0.02625 · Exploits 0 · References 3
RedHat Linux
added 2017/09/26 7:14 p.m. · 1 view

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

CVSS 6.5 · AI score 6.6 · EPSS 0.02457 · Exploits 0 · References 4
RedHat Linux
added 2017/09/26 5:58 p.m. · 1 view

keycloak: SAML request parser replaces special strings with system properties

It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...

CVSS 6.5 · AI score 6.6 · EPSS 0.02457 · Exploits 0 · References 4
OSV
added 2017/03/23 6:59 a.m. · 3 views

CVE-2016-5749

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack...

CVSS 5.5 · AI score 5.8 · EPSS 0.00393 · Exploits 0 · References 1
OSV
added 2017/02/17 2:59 a.m. · 1 view

DEBIAN-CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging...

CVSS 9.1 · AI score 8.9 · EPSS 0.02424 · Exploits 0 · References 1
OSV
added 2017/02/17 2:59 a.m. · 0 views

UBUNTU-CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging...

CVSS 9.1 · AI score 7.3 · EPSS 0.02424 · Exploits 0 · References 6