PT-2019-13371 · One Identity · One Identity Cloud Access Manager

Furqan Khan

·

Publicado

2019-07-29

·

Atualizado

2023-02-28

·

CVE-2019-13498

CVSS v3.1

7.4

Alta

VetorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions One Identity Cloud Access Manager version 8.1.3
Description The issue allows man-in-the-middle (MITM) attacks due to the lack of HTTP Strict Transport Security (HSTS).
Recommendations For One Identity Cloud Access Manager version 8.1.3, update to version 8.1.4 to resolve the issue.

Exploit

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2019-13498

Produtos afetados

One Identity Cloud Access Manager