Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2015-6254
HistoryAug 17, 2015 - 8:00 p.m.

CVE-2015-6254

2015-08-1720:00:00
mitre
www.cve.org
1

5.9 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.4%

JSON

The (1) Service Provider (SP) and (2) Identity Provider (IdP) in PicketLink before 2.7.0 does not ensure that the Destination attribute in a Response element in a SAML assertion matches the location from which the message was received, which allows remote attackers to have unspecified impact via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-0277 per ADT2 due to different vulnerability types.

Related

prion 2
cve 2
cvelist 1
nvd 2
nessus 3
redhat 3
prion
prion
Design/Logic Flaw
2015-08-17 20:59:00
Code injection
2015-08-17 20:59:00
cve
cve
CVE-2015-0277
2015-08-17 20:59:00
CVE-2015-6254
2015-08-17 20:59:01
cvelist
cvelist
CVE-2015-0277
2015-08-17 20:00:00
nvd
nvd
CVE-2015-0277
2015-08-17 20:59:00
CVE-2015-6254
2015-08-17 20:59:01
nessus
nessus
RHEL 6 : JBoss EAP (RHSA-2015:0847)
2015-04-20 00:00:00
RHEL 5 : JBoss EAP (RHSA-2015:0846)
2015-04-20 00:00:00
RHEL 7 : JBoss EAP (RHSA-2015:0848)
2018-09-04 00:00:00
redhat
redhat
(RHSA-2015:0848) Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update
2015-04-16 00:00:00
(RHSA-2015:0847) Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update
2015-04-16 15:44:21
(RHSA-2015:0846) Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update
2015-04-16 00:00:00

5.9 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.4%

JSON
Related for CVELIST:CVE-2015-6254
prion2cve2cvelist1nvd2nessus3redhat3