CVE-2020-13415

Summary: 
An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection (even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix), aka XML Signature Wrapping.
Published: 
Friday, May 22, 2020 - 21:15
cvss: 
5.0