Lucene search
Veracode Vulnerability DatabaseVERACODE:4927HistoryAug 21, 2017 - 2:07 p.m.
Authentication Bypass
2017-08-2114:07:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
61.3%
simplesamlphp-module-infocard is vulnerable to authentication bypass. The library does not properly handle an error when verifying signatures, allowing a malicious user to pass an invalid signature to the system and become authenticated.
| CPE | Name | Operator | Version |
|---|---|---|---|
| simplesamlphp/simplesamlphp-module-infocard | eq | 1.0 |
References
Related
osv
osv
CVE-2017-12874
2017-09-01 21:29:00
SimpleSAMLphp InfoCard module Incorrect signature verification
2022-05-14 01:05:32
simplesamlphp - security update
2017-12-12 00:00:00
cve
cve
CVE-2017-12874
2017-09-01 21:29:00
debiancve
debiancve
CVE-2017-12874
2017-09-01 21:29:00
friendsofphp
friendsofphp
Incorrect signature verification
2016-12-03 12:16:03
ubuntucve
ubuntucve
CVE-2017-12874
2017-09-01 00:00:00
nvd
nvd
CVE-2017-12874
2017-09-01 21:29:00
github
github
SimpleSAMLphp InfoCard module Incorrect signature verification
2022-05-14 01:05:32
prion
prion
Input validation
2017-09-01 21:29:00
cvelist
cvelist
CVE-2017-12874
2017-09-01 21:00:00
openvas
openvas
Debian: Security Advisory (DLA-1205-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-4127-1)
2018-03-01 00:00:00
nessus
nessus
Debian DLA-1205-1 : simplesamlphp security update
2017-12-13 00:00:00
Debian DSA-4127-1 : simplesamlphp - security update
2018-03-05 00:00:00
debian
debian
[SECURITY] [DLA 1205-1] simplesamlphp security update
2017-12-12 10:13:22
[SECURITY] [DSA 4127-1] simplesamlphp security update
2018-03-02 06:15:39
[SECURITY] [DSA 4127-1] simplesamlphp security update
2018-03-02 06:15:39