Spoofing Vulnerability in IBM Tivoli Federated Identity Manager
CVE-2008-7299

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Federated Identity Manager
Vendor: CVE Published:; 12 August 2011

What is CVE-2008-7299?

IBM Tivoli Federated Identity Manager versions prior to 6.2.0.2 exhibit a vulnerability due to an incomplete implementation of the SAML 1.x browser-artifact mechanism. This flaw allows malicious remote OpenID providers to spoof assertions through manipulation of the Issuer field, potentially compromising the integrity of the federated identity management solution. Organizations utilizing affected versions should take immediate steps to apply relevant updates and mitigate associated risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ35742

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg24029497

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 12, 2011

JSON

IBM

What is CVE-2008-7299?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.