High severity8.1NVD Advisory· Published Nov 2, 2017· Updated May 13, 2026

CVE-2017-10873

Description

OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vulnerability affects OpenAM (Open Source Edition) implementations configured as SAML 2.0IdP, and switches authentication methods based on AuthnContext requests sent from the service provider.

Affected products

Osstech/Openam
cpe:2.3:a:osstech:openam:*:*:*:*:open_source:*:*:*
Range: >=9.5.5,<=9.5.5-41
Open Source Internet Solutions/Openamv5
Range: Open Source Edition

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.osstech.co.jp/support/am2017-2-1-ennvdPatchVendor Advisory
jvn.jp/en/jp/JVN79546124/nvdThird Party AdvisoryVDB Entry
www.cs.themistruct.comnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000