Описание
Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses received from a SAML identity provider. If SAML support is enabled, this may allow a malicious user to assume the identity of another Guacamole user.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
| jammy | needs-triage | |
| kinetic | ignored | end of life, was needs-triage |
Показывать по
10
6 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
nvd
около 4 лет назад
Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses received from a SAML identity provider. If SAML support is enabled, this may allow a malicious user to assume the identity of another Guacamole user.
CVSS3: 8.8
debian
около 4 лет назад
Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses re ...
6 Medium
CVSS2
8.8 High
CVSS3