Skip to main content

Ipsilon

3 CVEs product

Monthly

CVE-2016-8638 PyPI CRITICAL PATCH Act Now

A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Session Fixation Information Disclosure Ipsilon
NVD
CVSS 3.0
9.1
EPSS
7.1%
CVE-2015-5301 PyPI MEDIUM PATCH This Month

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Privilege Escalation Ipsilon
NVD
CVSS 2.0
5.5
EPSS
0.7%
CVE-2015-5217 PyPI MEDIUM PATCH This Month

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Privilege Escalation Ipsilon
NVD
CVSS 2.0
4.0
EPSS
0.4%
EPSS 7% CVSS 9.1
CRITICAL PATCH Act Now

A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Session Fixation Information Disclosure Ipsilon
NVD
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Privilege Escalation Ipsilon
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Privilege Escalation Ipsilon
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy