CVE-2017-12873
- Source
- https://cve.org/CVERecord?id=CVE-2017-12873
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12873.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-12873
- Aliases
- Downstream
- Published
- 2017-09-01T21:29:00.593Z
- Modified
- 2026-03-13T16:00:11.786324Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by leveraging incorrect persistent NameID generation when an Identity Provider (IdP) is misconfigured.
- References
Affected packages
Git / github.com/cesnet/proxystatistics-simplesamlphp-module
Affected ranges
- Type
- GIT
- Repo
- https://github.com/cesnet/proxystatistics-simplesamlphp-module
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "7.0" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }