IBM Security Bulletin: OpenSAML XML information disclosure (CVE-2013-6440)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
p dir="ltr"> A version of OpenSAML shipped with Cúram could allow a remote authenticated attacker to obtain sensitive information. Customers that use opensaml.jar to secure web services may be affected. CVE(s): CVE-2013-6440 Affected product(s) and affected version(s): Cúram Social Program Management All products are affected when running code releases 6.0 SP2, 6.0.3.0, 6.0.4.0, 6.0.4.3, 6.0.4.4, 6.0.4.5, 6.0.5.2, 6.0.5.3, 6.0.5.4. Refer to the following
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_opensaml_xml_information_disclosure_cve_2013_6440?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2013-6440 ,CVE-2013-4032 ,CVE-2013-4033 ,CVE-2014-3042 and CVE-2014-0160. |