Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:36490
HistoryJul 26, 2022 - 3:27 a.m.

Authorization Bypass

2022-07-2603:27:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
authorization bypass
http-request intercepting
saml assertion signature
impersonation
administrative roles

EPSS

0.001

Percentile

42.8%

JSON

drupal7 is vulnerable to authorization bypass. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles.

Related

prion 1
cve 1
cvelist 1
nvd 1
alpinelinux 1
prion
prion
Authorization
2022-06-03 18:15:00
cve
cve
CVE-2022-26493
2022-06-03 18:15:09
cvelist
cvelist
CVE-2022-26493 miniOrange SAML Authentication Bypass
2022-06-03 16:00:14
nvd
nvd
CVE-2022-26493
2022-06-03 18:15:09
alpinelinux
alpinelinux
CVE-2022-26493
2022-06-03 18:15:09

EPSS

0.001

Percentile

42.8%

JSON
Related for VERACODE:36490
prion1cve1cvelist1nvd1alpinelinux1