Search Results | AttackerKB

Show filters

Topics 5 Users 9,709

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

5 Total Results

Displaying 1-5 of 5

Attacker Value

Unknown

CVE-2024-5250

Disclosure Date: July 30, 2024 (last updated October 02, 2024)

In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2024-5249

Disclosure Date: July 30, 2024 (last updated October 02, 2024)

In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2024-3930

Disclosure Date: July 30, 2024 (last updated October 01, 2024)

In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2024-3826

Disclosure Date: July 02, 2024 (last updated July 30, 2024)

In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On (SSO) functionality.

0

Attacker Value

Unknown

CVE-2024-2796

Disclosure Date: April 18, 2024 (last updated September 09, 2024)

A server-side request forgery (SSRF) was discovered in the Akana API Platform in versions prior to and including 2022.1.3. Reported by Jakob Antonsson.

0