Описание
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 1.3.6-1 |
| disco | not-affected | 1.3.6-1 |
| eoan | not-affected | 1.3.6-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 1.3.6-1 |
| esm-apps/jammy | not-affected | 1.3.6-1 |
| esm-apps/noble | not-affected | 1.3.6-1 |
Показывать по
10
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
CVSS3: 8.1
nvd
больше 8 лет назад
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
CVSS3: 8.1
debian
больше 8 лет назад
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass i ...
CVSS3: 8.1
github
больше 3 лет назад
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server.
6.8 Medium
CVSS2
8.1 High
CVSS3