An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-11-05T17:20:39

Updated: 2024-08-04T03:38:50.217Z

Reserved: 2021-10-22T00:00:00

Link: CVE-2021-42837

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-05T18:15:09.377

Modified: 2024-11-21T06:28:12.357

Link: CVE-2021-42837

cve-icon Redhat

No data.