Zendesk Samlr up to 2.6.1 XML Node name_id unknown vulnerability
| CVSS Meta Temp Score | Current Exploit Price (โ) |
|---|---|
| 5.3 | $0-$5k |
A vulnerability was found in Zendesk Samlr up to 2.6.1. It has been rated as problematic. Affected by this issue is an unknown code of the component XML Node Handler. The manipulation of the argument name_id with the input value user@example.com leads to a unknown weakness. The impact remains unknown.
The weakness was disclosed 07/26/2019. This vulnerability is handled as CVE-2018-20857 since 07/26/2019. Technical details are known, but there is no available exploit. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 07/26/2019).
Upgrading to version 2.6.2 eliminates this vulnerability.
Vendor
Name
Class: Unknown
Local: Yes
Remote: No
Availability: ๐
Status: Not defined
Price Prediction: ๐
Current Price Estimation: ๐
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: ๐
Adversaries: ๐
Geopolitics: ๐
Economy: ๐
Predictions: ๐
Remediation: ๐Recommended: Upgrade
Status: ๐
0-Day Time: ๐
Upgrade: Samlr 2.6.2
07/26/2019 Advisory disclosed
07/26/2019 VulDB entry created
07/26/2019 CVE assigned
07/26/2019 VulDB last update
CVE: CVE-2018-20857 (๐)Created: 07/26/2019 06:00 PM
Complete: ๐
Download the whitepaper to learn more about our service!
https://vuldb.com/?id.138842
Gloss