Oneidentity: >> Cloud Access Manager >> 8.1.4 Security Vulnerabilities
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests.
CVSS Score
6.5
EPSS Score
0.012
Published
2019-11-04
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response.
CVSS Score
8.1
EPSS Score
0.006
Published
2019-11-04