QwikSec

Security Database

CVE

CWE

Training

CVE-2016-3085

Published: Jun 10, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/137390/Apache-CloudStack-4.5.0-Authentication-Bypass.html

x_refsource_MISC

20160609 CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.