Skip to main content

Sast

1 CVEs product

Monthly

CVE-2026-24069 MEDIUM PATCH This Month

Kiuwan SAST fails to properly enforce SSO login authorization for locally disabled user accounts, permitting disabled users to maintain application access through single sign-on mechanisms. This affects Kiuwan Cloud and Kiuwan SAST on-premise (KOP) versions prior to 2.8.2509.4, enabling authenticated attackers with prior credentials to bypass account disablement controls. An attacker whose account has been disabled by administrators can re-authenticate via SSO and regain unauthorized access to the system.

Authentication Bypass Sast
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Kiuwan SAST fails to properly enforce SSO login authorization for locally disabled user accounts, permitting disabled users to maintain application access through single sign-on mechanisms. This affects Kiuwan Cloud and Kiuwan SAST on-premise (KOP) versions prior to 2.8.2509.4, enabling authenticated attackers with prior credentials to bypass account disablement controls. An attacker whose account has been disabled by administrators can re-authenticate via SSO and regain unauthorized access to the system.

Authentication Bypass Sast
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy