Denial of Service Vulnerability in Shibboleth Service Provider (SP) 2.5.4 and earlier

Denial of Service Vulnerability in Shibboleth Service Provider (SP) 2.5.4 and earlier

CVE-2015-2684 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.

Learn more about our User Device Pen Test.