NVD

Id
26493  
Name
CVE-2015-5301  
Description
providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider (SP).  
Reject
 
CVSS Version
2  
CVSS Score
5.5  
Severity
Medium  
CVSS Base Score
5.5  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-11-17  
Modified Date
2016-12-07  
Seq
2015-5301  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
140150 26493 CVE-2015-5301 FEDORA-2015-15291  View
140151 26493 CVE-2015-5301 FEDORA-2015-15292  View
140152 26493 CVE-2015-5301 FEDORA-2015-15290  View
140153 26493 CVE-2015-5301 [oss-security] 20151027 Multiple CVE info for Ipsilon  View
140154 26493 CVE-2015-5301 https://bugzilla.redhat.com/show_bug.cgi?id=1271530  View
140155 26493 CVE-2015-5301 https://fedorahosted.org/ipsilon/wiki/Releases/v1.0.2  View
140156 26493 CVE-2015-5301 https://fedorahosted.org/ipsilon/wiki/Releases/v1.1.1  View
140157 26493 CVE-2015-5301 https://pagure.io/ipsilon/9dec97c3c83928d231ea10f4160523a13803e594  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
10632 JVNDB-2015-005952 Ipsilon の Identity Provider サーバの providers/saml2/admin.py におけるサービス運用妨害 (DoS) の脆弱性 Ipsilon の Identity Provider (IdP) サーバの providers/saml2/admin.py は、パーミッションを適切にチェックしないため、サービス運用妨害 (DoS) 状態にされる脆弱性が存在します。 CVE-2015-5301 82526 CVE-2015-5301 26493 5.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-005952.html 2015-10-14 2015-11-19 View