VYPR
Unrated severityNVD Advisory· Published May 22, 2020· Updated Aug 4, 2024

CVE-2020-13415

CVE-2020-13415

Description

An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection (even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix), aka XML Signature Wrapping.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.