Unknown · Pspas Powershell Module · CVE-2025-59270
**Name of the Vulnerable Software and Affected Versions**
psPAS PowerShell module versions prior to 7.0.209
**Description**
The psPAS PowerShell module does not enforce TLS 1.2 within the `Get-PASSAMLResponse` function during the SAML authentication process. This allows an unauthenticated attacker in a 'Man-in-the-Middle' position to potentially downgrade the TLS protocol to a deprecated version by manipulating the TLS handshake.
**Recommendations**
Update to version 7.0.209 or later.