Computer Security
[EN] securityvulns.ru no-pyccku


CA SiteMinder privilege escalation
Published:24.03.2013
Source:
SecurityVulns ID:12971
Type:remote
Threat Level:
5/10
Description:Invalid SAML signature verification.
Affected:CA : SiteMinder Federation 12.5
 CA : SiteMinder Federation 12.1
 CA : SiteMinder Federation 12.0
 CA : SiteMinder Agent for SharePoint 2010
 CA : SiteMinder for Secure Proxy Server 12.5
 CA : SiteMinder for Secure Proxy Server 12.0
CVE:CVE-2013-2279 (CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation (Standalone) 12.1 and 12.0; Agent for SharePoint 2010; and SiteMinder for Secure Proxy Server 6.0, 12.0, and 12.5 does not properly verify XML signatures for SAML statements, which allows remote attackers to spoof other users and gain privileges.)
Original documentdocumentCA, CA20130319-01: Security Notice for SiteMinder products using SAML (24.03.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod