CVE-2018-0489 vulnerability in Aruba Networks and Other Products
Published on February 27, 2018

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486.

Vendor Advisory NVD

Products Associated with CVE-2018-0489

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-0489 are published in these products:

Aruba Networks Clearpass

Shibboleth Xmltooling C

Debian Linux

Exploit Probability

EPSS

0.24%

Percentile

47.30%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-0489 vulnerability in Aruba Networks and Other ProductsPublished on February 27, 2018

Products Associated with CVE-2018-0489

Exploit Probability

CVE-2018-0489 vulnerability in Aruba Networks and Other Products
Published on February 27, 2018