providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2015-11-17T15:00:00
Updated: 2015-11-17T14:57:01
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5217
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-11-17T15:59:01.513
Modified: 2015-11-18T17:31:06.303
Link: CVE-2015-5217
JSON object: View
Redhat Information
No data.
CWE