Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2017-6413
Description:The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "AuthType oauth20" configuration, which allows remote attackers to bypass authentication via crafted HTTP traffic.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-6413
BugTraq ID: 96549
RedHat Security Advisories: RHSA-2019:2112

© 1998-2021 E-Soft Inc. All rights reserved.