Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2015-6254
HistoryAug 17, 2015 - 8:59 p.m.

Code injection

2015-08-1720:59:00
PRIOn knowledge base
www.prio-n.com
7

7.4 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.4%

JSON

The (1) Service Provider (SP) and (2) Identity Provider (IdP) in PicketLink before 2.7.0 does not ensure that the Destination attribute in a Response element in a SAML assertion matches the location from which the message was received, which allows remote attackers to have unspecified impact via unknown vectors. NOTE: this identifier was SPLIT from CVE-2015-0277 per ADT2 due to different vulnerability types.

CPENameOperatorVersion
picketlinkle2.6.0

Related

cvelist 2
prion 1
cve 2
nvd 2
nessus 3
redhat 3
cvelist
cvelist
CVE-2015-6254
2015-08-17 20:00:00
CVE-2015-0277
2015-08-17 20:00:00
prion
prion
Design/Logic Flaw
2015-08-17 20:59:00
cve
cve
CVE-2015-0277
2015-08-17 20:59:00
CVE-2015-6254
2015-08-17 20:59:01
nvd
nvd
CVE-2015-0277
2015-08-17 20:59:00
CVE-2015-6254
2015-08-17 20:59:01
nessus
nessus
RHEL 6 : JBoss EAP (RHSA-2015:0847)
2015-04-20 00:00:00
RHEL 5 : JBoss EAP (RHSA-2015:0846)
2015-04-20 00:00:00
RHEL 7 : JBoss EAP (RHSA-2015:0848)
2018-09-04 00:00:00
redhat
redhat
(RHSA-2015:0848) Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update
2015-04-16 00:00:00
(RHSA-2015:0847) Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update
2015-04-16 15:44:21
(RHSA-2015:0846) Important: Red Hat JBoss Enterprise Application Platform 6.4.0 update
2015-04-16 00:00:00

7.4 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.4%

JSON
Related for PRION:CVE-2015-6254
cvelist2prion1cve2nvd2nessus3redhat3