Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TOPdesk 安全漏洞
Vulnerability Description
TOPdesk是TOPdesk公司的一款综合性的终端管理软件产品。 TOPdesk v12.10.12版本存在安全漏洞,该漏洞源于基于 SAML 的单点登录功能中的 XML 签名包装 (XSW) 允许攻击者通过 SAML 响应操作向身份提供商 (IP) 进行身份验证,从而冒充任何 TOPdesk 用户。
CVSS Information
N/A
Vulnerability Type
N/A