VYPR
Low severity3.1NVD Advisory· Published Sep 16, 2025· Updated Jun 17, 2026

CVE-2025-59270

CVE-2025-59270

Description

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the TLS handshake and downgrade TLS to a deprecated protocol. Fixed in 7.0.209.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • psPAS/psPASllm-fuzzy
    Range: <7.0.209
  • pspete/psPASv5
    Range: 6.4.85

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.