Main Vulnerability Database SB2015042118

SB2015042118 - Improper access control in PicketLink

Published: April 21, 2015 Updated: April 10, 2025

Security Bulletin ID SB2015042118

CSH Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper access control (CVE-ID: CVE-2015-0277)

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to Service Provider (SP) in PicketLink does not ensure that it is a member of an Audience element when an AudienceRestriction is specified. A remote user can log in to other users' accounts via a crafted SAML assertion.

Remediation

Install update from vendor's website.

References

http://rhn.redhat.com/errata/RHSA-2015-0848.html
http://rhn.redhat.com/errata/RHSA-2015-0847.html
https://bugzilla.redhat.com/show_bug.cgi?id=1194832
http://rhn.redhat.com/errata/RHSA-2015-0849.html
https://issues.jboss.org/browse/PLINK-678
http://rhn.redhat.com/errata/RHSA-2015-0846.html