Openathens Service Provider
Monthly
Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack.". Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.
Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack.". Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.