PT-2013-3637 · Microsoft+1 · Sharepoint Server+3
Publicado
2013-03-21
·
Atualizado
2018-08-13
·
CVE-2013-2279
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
CA SiteMinder Federation (FSS) versions 12.0 through 12.5
CA SiteMinder Federation (Standalone) versions 12.0 through 12.1
CA Agent for SharePoint 2010
CA SiteMinder for Secure Proxy Server versions 6.0 through 12.5
Description
The issue concerns the improper verification of XML signatures for SAML statements, allowing remote attackers to spoof other users and gain privileges.
Recommendations
For CA SiteMinder Federation (FSS) versions 12.0 through 12.5, update the software to properly verify XML signatures.
For CA SiteMinder Federation (Standalone) versions 12.0 through 12.1, update the software to properly verify XML signatures.
For CA Agent for SharePoint 2010, update the software to properly verify XML signatures.
For CA SiteMinder for Secure Proxy Server versions 6.0 through 12.5, update the software to properly verify XML signatures.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ca Agent For Sharepoint
Ca Siteminder Federation
Ca Siteminder For Secure Proxy Server
Sharepoint Server