Skip to main content

Openathens Service Provider

1 CVEs product

Monthly

CVE-2012-5353 MEDIUM This Month

Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack.". Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Java Authentication Bypass Openathens Service Provider
NVD
CVSS 2.0
5.8
EPSS
0.2%
EPSS 0% CVSS 5.8
MEDIUM This Month

Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack.". Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Java Authentication Bypass Openathens Service Provider
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy