CVE-2009-5083

CVE-2009-5083 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.