Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2017-1000433

Disclosure Date: January 02, 2018 (last updated November 26, 2024)
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0