Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tivoli Federated Identity Manager输入验证漏洞
Vulnerability Description
IBM Tivoli Federated Identity Manager(TFIM)是美国IBM公司的一款跨企业的联邦身份管理产品。该产品向使用多种应用程序的用户提供Web和联合单点登录功能(SSO)。 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0.2之前的6.2.0版本使用不完全的SAML 1.x browser-artifact。远程OpenID供应商可借助与Issuer字段有关的向量欺骗断言。
CVSS Information
N/A
Vulnerability Type
N/A