PT-2019-13371 · One Identity · One Identity Cloud Access Manager
Furqan Khan
·
Published
2019-07-29
·
Updated
2023-02-28
·
CVE-2019-13498
CVSS v3.1
7.4
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
One Identity Cloud Access Manager version 8.1.3
Description
The issue allows man-in-the-middle (MITM) attacks due to the lack of HTTP Strict Transport Security (HSTS).
Recommendations
For One Identity Cloud Access Manager version 8.1.3, update to version 8.1.4 to resolve the issue.
Exploit
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
One Identity Cloud Access Manager