Vulnerabilities > Eduserv
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-10-09 | CVE-2012-5353 | Improper Authentication vulnerability in Eduserv Openathens Service Provider 2.0 Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack." | 5.8 |