NotCVE - vendor:"Forgerock" product:"Access Management" version:"6.5.2.1"

Page 2 of 7 results (0.007 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-37153

https://notcve.org/view.php?id=CVE-2021-37153

ForgeRock Access Management (AM) before 7.0.2, when configured with Active Directory as the Identity Store, has an authentication-bypass issue. ForgeRock Access Management (AM) versiones anteriores a 7.0.2, cuando está configurado con Active Directory como Almacén de Identidades, presenta un problema de omisión de autenticación. • https://backstage.forgerock.com/knowledge/kb/article/a55763454 https://www.forgerock.com/platform/access-management •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-37154

https://notcve.org/view.php?id=CVE-2021-37154

In ForgeRock Access Management (AM) before 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion. En ForgeRock Access Management (AM) versiones anteriores a 7.0.2, la implementación de SAML2 permite una inyección de XML, permitiendo potencialmente una aserción fraudulenta de SAML versión 2.0. • https://backstage.forgerock.com/knowledge/kb/article/a55763454 https://www.forgerock.com/platform/access-management • CWE-91: XML Injection (aka Blind XPath Injection) •

1 2