CVE-2025-54982
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-05
Last updated on: 2025-08-05
Assigner: Zscaler, Inc.
Description
Description
An improper verification of cryptographic signature in Zscaler's SAML authentication mechanism on the server-side allowed an authentication abuse.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zscaler | saml_authentication | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can lead to authentication abuse, potentially allowing unauthorized users to gain access to systems or data by bypassing proper authentication checks. It has a high impact on confidentiality and integrity but does not affect availability.
Can you explain this vulnerability to me?
This vulnerability is an improper verification of the cryptographic signature in Zscaler's SAML authentication mechanism on the server-side, which allows an attacker to abuse the authentication process.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70