CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-22947
https://notcve.org/view.php?id=CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP) before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt (rather than C:\Program Files) by default. NOTE: the vendor disputes the significance of this report, stating that "We consider the ACLs a best effort thing" and "it was a documentation mistake." Los permisos de carpeta inseguros en la ruta de instalación de Windows de Shibboleth Service Provider (SP) anterior a 3.4.1 permiten a un atacante local sin privilegios escalar privilegios a SYSTEM mediante la instalación de DLL en la carpeta del ejecutable del servicio. Esto ocurre porque la instalación se realiza en C:\opt (en lugar de C:\Program Files) de forma predeterminada. • https://shibboleth.atlassian.net/browse/SSPCPP-961 https://shibboleth.atlassian.net/wiki/spaces/SP3/pages/2065335545/Install+on+Windows#Restricting-ACLs • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28963
https://notcve.org/view.php?id=CVE-2021-28963
Shibboleth Service Provider before 3.2.1 allows content injection because template generation uses attacker-controlled parameters. Shibboleth Service Provider versiones anteriores a 3.2.1, permite una inyección de contenido porque la generación de plantillas usa parámetros controlados por atacantes • https://bugs.debian.org/985405 https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=d1dbebfadc1bdb824fea63843c4c38fa69e54379 https://issues.shibboleth.net/jira/browse/SSPCPP-922 https://shibboleth.net/community/advisories/secadv_20210317.txt https://www.debian.org/security/2021/dsa-4872 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-16852
https://notcve.org/view.php?id=CVE-2017-16852
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity periods, and other checks specific to deployments, aka SSPCPP-763. shibsp/metadata/DynamicMetadataProvider.cpp en el plugin Dynamic MetadataProvider en Shibboleth Service Provider, en versiones anteriores a la 2.6.1, no se configura correctamente con los plugins MetadataFilter y no realiza las verificaciones de seguridad críticas como la verificación de firmas, cumplimiento de los periodos de validez y otras comprobaciones específicas de despliegues. Esta vulnerabilidad también se conoce como SSPCPP-763. • https://bugs.debian.org/881857 https://git.shibboleth.net/view/?p=cpp-sp.git%3Ba=commit%3Bh=b66cceb0e992c351ad5e2c665229ede82f261b16 https://lists.debian.org/debian-lts-announce/2017/11/msg00025.html https://shibboleth.net/community/advisories/secadv_20171115.txt https://www.debian.org/security/2017/dsa-4038 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2684
https://notcve.org/view.php?id=CVE-2015-2684
Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message. Shibboleth Service Provider (SP) anterior a 2.5.4 permite a usuarios remotos autenticados causar una denegación de servicio (caída) a través de un mensaje SAML manipulado. • http://www.debian.org/security/2015/dsa-3207 http://www.securityfocus.com/bid/73314 https://shibboleth.net/community/advisories/secadv_20150319.txt • CWE-20: Improper Input Validation •
CVSS: 2.6EPSS: 0%CPEs: 16EXPL: 0CVE-2009-3300
https://notcve.org/view.php?id=CVE-2009-3300
Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via URLs that are encountered in redirections, and appear in automatically generated forms. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Identity Provider (IdP) v1.3.x anteriores a v1.3.4 y v2.x anteriores a v2.1.5, y el Service Provider v1.3.x anteriores a v1.3.5 y v2.x anteriores a v2.3, en Internet2 Middleware Initiative Shibboleth permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante URLs que se encuentran en redirecciones, y aparecen en formularios generados automáticamente. • http://secunia.com/advisories/37237 http://shibboleth.internet2.edu/secadv/secadv_20091104.txt http://www.debian.org/security/2009/dsa-1947 http://www.vupen.com/english/advisories/2009/3150 https://exchange.xforce.ibmcloud.com/vulnerabilities/54140 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •