CVE-2017-12872 (simplesamlphp)

CVE-2017-12872 (simplesamlphp)

The (1) Htpasswd authentication source in the authcrypt module and (2) SimpleSAML_Session class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduct timing side-channel attacks by leveraging use of the standard comparison operator to compare secret material against user input.

Source: CVE-2017-12872 (simplesamlphp)

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다