First published: Fri Dec 13 2024(Updated: )
Missing Authorization vulnerability in miniOrange SAML SP Single Sign On allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SAML SP Single Sign On: from n/a through 5.0.4.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
MiniOrange SAML | <=5.0.4 | |
WordPress SAML Single Sign On | <=5.0.4 |
Update the WordPress SAML SP Single Sign On plugin to the latest available version (at least 5.0.5).
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-41873 is classified as a Missing Authorization security vulnerability.
To fix CVE-2023-41873, update the miniOrange SAML SP Single Sign On plugin to version 5.0.5 or later.
CVE-2023-41873 affects the miniOrange SAML SP Single Sign On versions up to and including 5.0.4.
Yes, CVE-2023-41873 can be exploited on the WordPress SAML Single Sign On – SSO Login plugin up to version 5.0.4.
Exploiting CVE-2023-41873 can lead to unauthorized access due to incorrectly configured access control security levels.