Description
An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-29792 | An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T03:38:50.217Z
Reserved: 2021-10-22T00:00:00.000Z
Link: CVE-2021-42837
No data.
Status : Modified
Published: 2021-11-05T18:15:09.377
Modified: 2026-06-17T04:10:11.190
Link: CVE-2021-42837
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-287
Improper Authentication
EUVD