Lucene search
Identity Provider Security Vulnerabilities - 2015
cve
The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote attackers to impersonate an entity via a certificate issued by a shibmd:KeyAuth...
8.2AI Score
0.004EPSS
2015-07-08 03:59 PM
93
2