Vulnerability DatabaseCVE-2015-0277
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2015-0277
Published:August 17, 2015
Updated:May 17, 2026
The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to other users' accounts via a crafted SAML assertion. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6254 for lack of validation for the Destination attribute in a Response element in a SAML assertion.
Related Resources (6)
http://rhn.redhat.com/errata/RHSA-2015-0846.html
http://rhn.redhat.com/errata/RHSA-2015-0847.html
https://bugzilla.redhat.com/show_bug.cgi?id=1194832
http://rhn.redhat.com/errata/RHSA-2015-0848.html
http://rhn.redhat.com/errata/RHSA-2015-0849.html
https://issues.jboss.org/browse/PLINK-678
Do you need more information?
Contact Us
CVSS v3
Base Score:
5
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
CVSS v2
Base Score:
6
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
Weakness Type (CWE)
Improper Access Control
CWE-284
EPSS
Base Score:
0.53