Skip to main content

Eidas Node Integration Package

2 CVEs product

Monthly

CVE-2019-18633 CRITICAL POC Act Now

European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Eidas Node Integration Package
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2019-18632 CRITICAL POC Act Now

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Eidas Node Integration Package
NVD
CVSS 3.1
9.8
EPSS
0.8%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Eidas Node Integration Package
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Eidas Node Integration Package
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy