CVE-2020-12676 - FusionAuth SAML v2.0 bindings in Java using JAXB - Signature Exclusion Attack

Posted by Advisories on Oct 02

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: SAML v2.0 bindings in Java using JAXB
# Vendor: FusionAuth
# CSNC ID: CSNC-2020-002
# CVE ID: CVE-2020-12676
# Subject: Signature Exclusion Attack
# Risk: High
# Effect: Remotely exploitable
# Author: Felix…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Original Source

Tags: cyber, exploit, full disclosure, OSINT, seclist, Security, threatintel, vulnerabilities, vulnerability, vulns

CVE-2020-12676 – FusionAuth SAML v2.0 bindings in Java using JAXB – Signature Exclusion Attack

Original Source

RansomHouse Ransomware Victim: STERCH – INTERNATIONAL s[.]r[.]o[.]

RansomHouse Ransomware Victim: Bank Pembangunan Daerah Banten Tbk PT

BianLian Ransomware Victim: defi SOLUTIONS[.]

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: Joint Guidance on Deploying AI Systems Securely

Original Source

You may have missed

RansomHouse Ransomware Victim: STERCH – INTERNATIONAL s[.]r[.]o[.]

RansomHouse Ransomware Victim: Bank Pembangunan Daerah Banten Tbk PT

BianLian Ransomware Victim: defi SOLUTIONS[.]

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: Joint Guidance on Deploying AI Systems Securely