Описание
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1.14.15-1 |
| bionic | not-affected | 1.14.15-1 |
| cosmic | not-affected | 1.14.15-1 |
| devel | not-affected | 1.14.15-1 |
| disco | not-affected | 1.14.15-1 |
| eoan | not-affected | 1.14.15-1 |
| esm-apps/bionic | not-affected | 1.14.15-1 |
| esm-apps/focal | not-affected | 1.14.15-1 |
| esm-apps/jammy | not-affected | 1.14.15-1 |
| esm-apps/noble | not-affected | 1.14.15-1 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain se ...
Incorrect persistent NameID generation in SimpleSAMLphp
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3