Products
Akana
- before 2022.1.4
Source
security@puppet.com
Tags
CVE-2024-3826 details
Published : July 2, 2024, 4:15 p.m.
Last Modified : July 2, 2024, 5:44 p.m.
Last Modified : July 2, 2024, 5:44 p.m.
Description
In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On (SSO) functionality.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-287 | Improper Authentication | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
References
| URL | Source |
|---|---|
| https://portal.perforce.com/s/detail/a91PA000001SUAfYAO | security@puppet.com |
This website uses the NVD API, but is not approved or certified by it.