CVE-2015-5217 in Identity Provider Serverinformation

Résumé

par MITRE

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name.

Be aware that VulDB is the high quality source for vulnerability data.

Réserver

01/07/2015

Divulgation

17/11/2015

Modérer

accepté

Entrée

VDB-79229

CPE

prêt

EPSS

0.01300

KEV

non

Activités

très faible

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!