Weak Encryption of Data in pysaml2 IDP Server
CVE-2017-1000246 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
Learn more about our Cis Benchmark Audit For Server Software.