Shibboleth OpenSAML library 2.4.x before 2.4.3 and 2.5.x before 2.5.1, and IdP before 2.3.2, allows remote attackers to forge messages and bypass authentication via an "XML Signature wrapping attack."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-09-02T23:00:00

Updated: 2024-08-06T22:28:40.875Z

Reserved: 2011-03-10T00:00:00

Link: CVE-2011-1411

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-09-02T23:55:04.240

Modified: 2013-10-11T03:34:32.480

Link: CVE-2011-1411

cve-icon Redhat

No data.