Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tivoli Federated Identity Manager认证绕过漏洞
Vulnerability Description
IBM Tivoli Federated Identity Manager(TFIM)是美国IBM公司的一款跨企业的联邦身份管理产品。该产品向使用多种应用程序的用户提供Web和联合单点登录功能(SSO)。 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0.2之前的6.2.0版本在配置为一个OpenID依赖方时,不能根据从OpenID供应商获得的OP标识符执行预期的登录拒绝。远程攻击者可借助未明向量绕过认证。
CVSS Information
N/A
Vulnerability Type
N/A