Text only | Text with Images

Networking-Forums.com

Professional Discussions => Vendor Advisories => Topic started by: Netwörkheäd on June 02, 2021, 12:20:53 AM

Title: Cisco Security Advisory - Lasso SAML Implementation Vulnerability Affecting Cisco Products: June 2021
Post by: Netwörkheäd on June 02, 2021, 12:20:53 AM
Lasso SAML Implementation Vulnerability Affecting Cisco Products: June 2021

On June 1, 2021, Lasso disclosed a security vulnerability in the Lasso Security Assertion Markup Language (SAML) Single Sign-On (SSO) library. This vulnerability could allow an authenticated attacker to impersonate another authorized user when interacting with an application.


For a description of this vulnerability, see lasso.git NEWS.


This advisory will be updated as additional information becomes available.


This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lasso-saml-jun2021-DOXNRLkD



     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2021-28091
Source: Lasso SAML Implementation Vulnerability Affecting Cisco Products: June 2021 (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lasso-saml-jun2021-DOXNRLkD?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Lasso%20SAML%20Implementation%20Vulnerability%20Affecting%20Cisco%20Products:%20June%202021&vs_k=1)
Text only | Text with Images