Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very High
CVE-2024-21893
Disclosure Date: January 31, 2024 (last updated February 02, 2024)
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.
8
Attacker Value
Unknown
CVE-2023-36661
Disclosure Date: June 25, 2023 (last updated October 08, 2023)
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)
0