Arbitrary Domain Account Login Vulnerability in Artiva Agency Single Sign-On Implementation

Arbitrary Domain Account Login Vulnerability in Artiva Agency Single Sign-On Implementation

CVE-2014-0348 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.

Learn more about our User Device Pen Test.