Filtered by vendor Apereo
Subscriptions
Total
33 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-4612 | 1 Apereo | 1 Central Authentication Service | 2024-10-10 | 9.8 Critical |
Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest.getRemoteAddr method allows Multi-Factor Authentication bypass.This issue affects CAS: through 7.0.0-RC7. It is unknown whether in new versions the issue will be fixed. For the date of publication there is no patch, and the vendor does not treat it as a vulnerability. | ||||
CVE-2018-1000836 | 1 Apereo | 1 Bw-calendar-engine | 2024-09-16 | N/A |
bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the Middle or malicious server. | ||||
CVE-2017-1000221 | 1 Apereo | 1 Opencast | 2024-09-16 | N/A |
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X. | ||||
CVE-2018-20000 | 1 Apereo | 1 Bw-webdav | 2024-09-16 | N/A |
Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java. | ||||
CVE-2010-3691 | 1 Apereo | 1 Phpcas | 2024-08-07 | N/A |
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file. | ||||
CVE-2010-3690 | 1 Apereo | 1 Phpcas | 2024-08-07 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback function in client.php, (2) vectors involving functions that make getCallbackURL calls, or (3) vectors involving functions that make getURL calls. | ||||
CVE-2010-3692 | 1 Apereo | 1 Phpcas | 2024-08-07 | N/A |
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter. | ||||
CVE-2012-5583 | 1 Apereo | 1 Phpcas | 2024-08-06 | N/A |
phpCAS before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | ||||
CVE-2012-1104 | 3 Apereo, Debian, Linux | 3 Phpcas, Debian Linux, Linux Kernel | 2024-08-06 | 5.3 Medium |
A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed. | ||||
CVE-2012-1105 | 3 Apereo, Debian, Fedoraproject | 3 Phpcas, Debian Linux, Fedora | 2024-08-06 | 5.5 Medium |
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner. | ||||
CVE-2014-4172 | 4 Apereo, Debian, Fedoraproject and 1 more | 6 .net Cas Client, Java Cas Client, Phpcas and 3 more | 2024-08-06 | 9.8 Critical |
A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the (1) service parameter to validation/AbstractUrlBasedTicketValidator.java or (2) pgtUrl parameter to validation/Cas20ServiceTicketValidator.java. | ||||
CVE-2014-2296 | 1 Apereo | 1 Cas Server | 2024-08-06 | N/A |
XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data. | ||||
CVE-2015-1169 | 1 Apereo | 1 Central Authentication Service | 2024-08-06 | N/A |
Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication. | ||||
CVE-2017-1000071 | 1 Apereo | 1 Phpcas | 2024-08-05 | N/A |
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server. | ||||
CVE-2018-16153 | 1 Apereo | 1 Opencast | 2024-08-05 | 7.5 High |
An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations. | ||||
CVE-2019-10754 | 1 Apereo | 1 Central Authentication Service | 2024-08-04 | 8.1 High |
Multiple classes used within Apereo CAS before release 6.1.0-RC5 makes use of apache commons-lang3 RandomStringUtils for token and ID generation which makes them predictable due to RandomStringUtils PRNG's algorithm not being cryptographically strong. | ||||
CVE-2020-27178 | 1 Apereo | 1 Central Authentication Service | 2024-08-04 | 7.5 High |
Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication. | ||||
CVE-2020-26234 | 1 Apereo | 1 Opencast | 2024-08-04 | 4.8 Medium |
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for man-in-the-middle attacks. This problem is fixed in Opencast 7.9 and Opencast 8.8 Please be aware that fixing the problem means that Opencast will not simply accept any self-signed certificates any longer without properly importing them. If you need those, please make sure to import them into the Java key store. Better yet, get a valid certificate. | ||||
CVE-2020-5230 | 1 Apereo | 1 Opencast | 2024-08-04 | 7.7 High |
Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape working directories and write files to other locations. In addition, Opencast's Id.toString(…) vs Id.compact(…) behavior, the latter trying to mitigate some of the file system problems, can cause errors due to identifier mismatch since an identifier may unintentionally change. This issue is fixed in Opencast 7.6 and 8.1. | ||||
CVE-2020-5229 | 1 Apereo | 1 Opencast | 2024-08-04 | 7.7 High |
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially for popular users like the default `admin` user. This essentially means that for an attacker, it might be feasible to reconstruct a user's password given access to these hashes. Note that attackers needing access to the hashes means that they must gain access to the database in which these are stored first to be able to start cracking the passwords. The problem is addressed in Opencast 8.1 which now uses the modern and much stronger bcrypt password hashing algorithm for storing passwords. Note, that old hashes remain MD5 until the password is updated. For a list of users whose password hashes are stored using MD5, take a look at the `/user-utils/users/md5.json` REST endpoint. |