Security advisory archivos - soffid.com
Soffid provides full Single Sign On experience and full identity governance features. All in an open source, efficient and powerful software product. Security and productivity is now affordable.
Single Sign on, Identity governance, IAM, Identity and access management, Open Source, free IAM, open source IAM
11
archive,category,category-security-advisory,category-11,ajax_fade,page_not_loaded,,qode_grid_1300,qode-child-theme-ver-1.0.0,qode-theme-ver-10.1.1,wpb-js-composer js-comp-ver-5.0.1,vc_responsive

Security advisory

Issued on: February 15th Publicly available on: June 1st Abstract: A security flaw has been detected on Soffid IAM Console version 1.7.4. A malformed authentication request could lead to arbitrary code execution. No credentials nor authorization is required to exploit this vulnerability Details Soffid IAM console lets users authenticate using username...

Date: February 2017 Security risk   Soffid engineering team has found a severe vulnerability in Soffid console component. An attacker would be able to execute arbitrary code by injecting a malformed identification token. A Soffid console upgrade has been released to address this security flaw. To protect our...