308 matches found

RedHat Linux
added 2015/03/11 4:51 p.m., 5 views

CXF: Improper security semantics enforcement of SAML SubjectConfirmation methods

It was found that Apache WSS4J (Web Services Security for Java), as used by Apache CXF with the TransportBinding, did not, by default, properly enforce all security requirements associated with SAML SubjectConfirmation methods. A remote attacker could use this flaw to perform various types of...

CVSS: 5, AI score: 5.8, EPSS: 0.09224
Exploits: 0, References: 4

CNVD
added 2015/01/22 12:0 a.m., 10 views

Unspecified Vulnerability in Oracle OpenSSO SAML Subpart (CNVD-2015-00552)

The OpenSSO project is an open source implementation of SSO (Single Sign-On) for Web applications deployed on different Web or different servers to provide centralized authentication capabilities. The Oracle OpenSSO SAML subcomponent has a security vulnerability that allows remote attackers to exploit the...

CVSS: 3.5, AI score: 7, EPSS: 0.00837
Exploits: 0, References: 1

RedHat Linux
added 2014/10/01 6:10 p.m., 3 views

CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid

It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens...

CVSS: 4.3, AI score: 7.3, EPSS: 0.07405
Exploits: 0, References: 4

RedHat Linux
added 2014/06/26 3:11 p.m., 7 views

CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid

It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens...

CVSS: 4.3, AI score: 7.3, EPSS: 0.07405
Exploits: 0, References: 4

OpenVAS
added 2012/04/02 12:0 a.m., 23 views

Fedora Update for opensaml FEDORA-2011-12815

Check for the Version of opensaml. OpenVAS Vulnerability Test: Fedora Update for opensaml FEDORA-2011-12815. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS: 5.8, AI score: 6.4, EPSS: 0.02291
Exploits: 0, References: 2

Fedora
added 2011/09/30 7:6 p.m., 23 views

[SECURITY] Fedora 16 Update: opensaml-2.3-6.fc16

OpenSAML is an open source implementation of the OASIS Security Assertion Markup Language Specification. It contains a set of open source C++ classes that support the SAML 1.0, 1.1, and 2.0 specifications...

CVSS: 5.8, AI score: 1.5, EPSS: 0.02291
Exploits: 0

OpenVAS
added 2011/09/30 12:0 a.m., 25 views

Fedora Update for opensaml FEDORA-2011-12890

Check for the Version of opensaml. OpenVAS Vulnerability Test: Fedora Update for opensaml FEDORA-2011-12890. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS: 5.8, AI score: 6.4, EPSS: 0.02291
Exploits: 0, References: 2

CERT
added 2008/09/02 12:0 a.m., 23 views

Google SAML Single Sign on vulnerability

Overview: The SAML Single Sign-On (SSO) Service for Google Apps contained a vulnerability that could have allowed an attacker to gain access to a user's Google account. Description: The Security Assertion Markup Language (SAML) is a standard for transmitting authentication data between two or more...

AI score: 7.4
Exploits: 0, References: 4