Vulnerabilities

CVE-2015-5253

by Fred · 18/11/2015

The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."

Date published : 2015-11-18

http://cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc

https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commitdiff;h=845eccb6484b43ba02875c71e824db23ae4f20c0

Similar

Tags: Cybersecurity Alert