CVE-2020-13415

Posted on 2020년 5월 23일2020년 5월 23일 by admin

CVE-2020-13415

An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection (even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix), aka XML Signature Wrapping.

Source: CVE-2020-13415

답글 남기기 응답 취소