Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability

Bugtraq ID:	69496
Class:	Origin Validation Error
CVE:	CVE-2014-4172
Remote:	Yes
Local:	No
Published:	Sep 01 2014 12:00AM
Updated:	Apr 13 2015 08:48PM
Credit:	Scott Battaglia
Vulnerable:	Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64
Not Vulnerable:

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability

Jasig Multiple CAS Clients are prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, which may lead to further attacks.

Jasig Multiple CAS Clients CVE-2014-4172 Security Bypass Vulnerability

Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].