An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-11-05T17:20:39
Updated: 2024-08-04T03:38:50.217Z
Reserved: 2021-10-22T00:00:00
Link: CVE-2021-42837
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-11-05T18:15:09.377
Modified: 2024-11-21T06:28:12.357
Link: CVE-2021-42837
Redhat
No data.