CVE-2015-6254 - The (1) Service Provider (SP) and (2) Identity Provider (IdP) in PicketLink before 2.7.0 does not en

CVE-2015-6254

Summary

The (1) Service Provider (SP) and (2) Identity Provider (IdP) in PicketLink before 2.7.0 does not ensure that the Destination attribute in a Response element in a SAML assertion matches the location from which the message was received, which allows remote attackers to have unspecified impact via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-0277 per ADT2 due to different vulnerability types.

References

Vulnerable Configurations

cpe:2.3:a:picketlink:picketlink:*:cr5:*:*:*:*:*:*
cpe:2.3:a:picketlink:picketlink:*:cr5:*:*:*:*:*:*

CVSS

Base:	6.0 (as of 19-08-2015 - 22:54)
Impact:
Exploitability:

CWE

CWE-17

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:S/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2015:0846
rhsa
id RHSA-2015:0847
rhsa
id RHSA-2015:0848
rhsa
id RHSA-2015:0849

refmap via4

confirm

Last major update

19-08-2015 - 22:54

Published

17-08-2015 - 20:59

Last modified

19-08-2015 - 22:54