← back
CVE-2011-4625

CVE-2011-4625

EPSS 0.7%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
06 Nov 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages.
Affected products
simplesamlphp · simplesamlphp

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security-tracker.debian.org/tracker/CVE-2011-4625https://www.mageni.net/1.3.6.1.4.1.25623.1.0.70545