Bug 1974359 (CVE-2015-6254)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary | CVE-2015-6254 PicketLink: Lack of validation for the Destination attribute in a Response element in a SAML assertion | | |
| Product | [Other] Security Response | Reporter | Ted Jongseok Won <jwon> |
| Component | vulnerability | Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA | QA Contact | |
| Severity | high | Docs Contact | |
| Priority | high | | |
| Version | unspecified | CC | asoldano, atangrin, bbaranow, bmaxwell, brian.stansberry, cdewolf, chazlett, darran.lofthouse, dkreling, dosoudil, eleandro, fjuma, iweiss, jochrist, jpallich, jperkins, jwon, krathod, kwills, lgao, msochure, msvehla, nwallace, pjindal, pmackay, rguimara, rstancel, rsvoboda, smaestri, tom.jenkinson, yborgess |
| Target Milestone | --- | Keywords | Security |
| Target Release | --- | | |
| Hardware | All | | |
| OS | Linux | | |
| Whiteboard | | | |
| Fixed In Version | PicketLink 2.7.0 | Doc Type | If docs needed, set a value |
| Doc Text | A flaw was found in the way PicketLink's Service Provider (SP) and Identity Provider (IdP) handled certain requests. The SP and IdP in PicketLink before 2.7.0 do not ensure that the Destination attribute of a SAML Response element matches the location at which the message was received, so a Response issued for one endpoint is accepted at another. This flaw allows a remote attacker to log into a victim's account via PicketLink. | | |
| Story Points | --- | | |
| Clone Of | | Environment | |
| Last Closed | 2021-06-21 14:12:29 UTC | Type | --- |
| Regression | --- | Mount Type | --- |
| Documentation | --- | CRM | |
| Verified Versions | | Category | --- |
| oVirt Team | --- | RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- | Target Upstream Version | |
| Embargoed | | | |
| Bug Depends On | | | |
| Bug Blocks | 1916825 | | |
Description
Ted Jongseok Won, 2021-06-21 13:19:57 UTC
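The missing check described in the Doc Text, as an added example; this is not PicketLink's code and does not reflect how the 2.7.0 fix is implemented. The SAML 2.0 Bindings specification (section 3.5.5.2 for HTTP-POST) requires that a signed protocol message carry a Destination attribute and that the recipient verify it against the URL at which the message actually arrived; the function below does that comparison on a constructed, unsigned sample Response, normalising scheme, host and default port so that `https://sp.example.org/x` and `https://SP.example.org:443/x` compare equal. The sample XML, the endpoint URLs and the `require` flag (whether an absent attribute is fatal) are assumptions of the example. The Destination check complements, and does not replace, signature validation, InResponseTo matching and assertion-condition checks.

```python
"""Destination check for an inbound SAML 2.0 Response.

Added example, not PicketLink code. Verifies that the Destination attribute on a
samlp:Response matches the endpoint URL the message was received at, which is
the validation the Doc Text says PicketLink before 2.7.0 did not perform.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample Response addressed to one SP endpoint (no signature; the
# Destination check itself is independent of signature validation).
SAMPLE_RESPONSE = """<?xml version="1.0" encoding="UTF-8"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_constructed-example-id-1"
                Version="2.0"
                IssueInstant="2015-06-01T12:00:00Z"
                Destination="https://sp.example.org/sp/callback"
                InResponseTo="_constructed-request-id-1">
  <saml:Issuer>https://idp.example.org/idp</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
</samlp:Response>
"""

# Same message with the attribute stripped, to exercise the "missing" path.
SAMPLE_RESPONSE_NO_DEST = SAMPLE_RESPONSE.replace(
    'Destination="https://sp.example.org/sp/callback"', "")


class DestinationMismatch(Exception):
    """Raised when a Response is not addressed to the receiving endpoint."""


def _normalize(url):
    """Reduce a URL to (scheme, host, port, path, query) for comparison.

    Scheme and host are case-insensitive; the default port is made explicit so
    that an omitted ':443' on an https URL does not cause a spurious mismatch.
    An empty path is treated as '/'. The query string is kept, so an endpoint
    URL with a query only matches a Destination carrying the same query.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port or {"https": 443, "http": 80}.get(scheme)
    path = parts.path or "/"
    return (scheme, host, port, path, parts.query)


def check_destination(response_xml, received_at, require=True):
    """Return True if the Response's Destination matches `received_at`.

    `received_at` is the absolute URL of the endpoint that received the POST
    (assumed to be supplied by the web layer). Raises DestinationMismatch on a
    mismatch, and also when the attribute is absent and `require` is True; a
    receiver that accepts unsigned messages may set require=False, since the
    Bindings spec only mandates Destination on signed messages.
    """
    root = ET.fromstring(response_xml)
    if root.tag != "{%s}Response" % SAMLP_NS:
        raise ValueError("root element is not samlp:Response")
    dest = root.get("Destination")
    if dest is None:
        if require:
            raise DestinationMismatch("Destination attribute missing")
        return True
    if _normalize(dest) != _normalize(received_at):
        raise DestinationMismatch(
            "Destination %r does not match receiving endpoint %r" % (dest, received_at))
    return True


def destination_ok(response_xml, received_at, require=True):
    """Boolean wrapper around check_destination for callers that do not want exceptions."""
    try:
        return check_destination(response_xml, received_at, require)
    except DestinationMismatch:
        return False


if __name__ == "__main__":
    # A Response minted for sp.example.org must not be accepted at another SP.
    print(destination_ok(SAMPLE_RESPONSE, "https://sp.example.org/sp/callback"))
    print(destination_ok(SAMPLE_RESPONSE, "https://other.example.net/sp/callback"))
```

Wire `check_destination` in before any assertion is consumed and after signature validation has identified the message as a `samlp:Response`; the value passed as `received_at` must be the URL the container actually served, not one taken from the request body or a Host header the attacker controls.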