Lucene search
Veracode Vulnerability DatabaseVERACODE:4922HistoryAug 21, 2017 - 8:37 a.m.
Execution Of Arbitrary Authentication Source
2017-08-2108:37:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.003 Low
EPSS
Percentile
71.8%
SimpleSAMLphp is vulnerable to execution of arbitrary authentication source. This can happen because it does not validate the user input for choice of authentication source against a list of valid sources set by the administrator in multiauth module.
| CPE | Name | Operator | Version |
|---|---|---|---|
| simplesamlphp/simplesamlphp | le | 1.14.13 |
Related
ubuntucve
ubuntucve
CVE-2017-12869
2017-09-01 00:00:00
osv
osv
CVE-2017-12869
2017-09-01 13:29:00
SimpleSAMLphp Authentication context bypass in the multiauth module
2022-05-14 01:04:19
simplesamlphp - security update
2017-12-12 00:00:00
cve
cve
CVE-2017-12869
2017-09-01 13:29:00
friendsofphp
friendsofphp
Authentication context bypass (multiauth module)
2017-05-05 10:47:00
prion
prion
Authentication flaw
2017-09-01 13:29:00
nvd
nvd
CVE-2017-12869
2017-09-01 13:29:00
debiancve
debiancve
CVE-2017-12869
2017-09-01 13:29:00
github
github
SimpleSAMLphp Authentication context bypass in the multiauth module
2022-05-14 01:04:19
cvelist
cvelist
CVE-2017-12869
2017-09-01 13:00:00
nessus
nessus
Debian DLA-1205-1 : simplesamlphp security update
2017-12-13 00:00:00
Debian DSA-4127-1 : simplesamlphp - security update
2018-03-05 00:00:00
debian
debian
[SECURITY] [DLA 1205-1] simplesamlphp security update
2017-12-12 10:13:22
[SECURITY] [DSA 4127-1] simplesamlphp security update
2018-03-02 06:15:39
[SECURITY] [DSA 4127-1] simplesamlphp security update
2018-03-02 06:15:39
openvas
openvas
Debian: Security Advisory (DLA-1205-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-4127-1)
2018-03-01 00:00:00