CVE-2025-34062 | One Identity OneLogin Active Directory Connector up to 6.1.4 JWT Signing Key configuration endpoint information disclosure

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability classified as problematic was found in One Identity OneLogin Active Directory Connector up to 6.1.4. This vulnerability affects unknown code of the file /api/adc/v4/configuration endpoint of the component JWT Signing Key Handler. The manipulation leads to information disclosure.

This vulnerability was named CVE-2025-34062. Local access is required to approach this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-34062 | One Identity OneLogin Active Directory Connector up to 6.1.4 JWT Signing Key configuration endpoint information disclosure

Post correlati

CVE-2024-23285 | Apple macOS up to 14.3 symlink (HT214084)

CVE-2024-28736 | Debezium UI 2.5 Refresh Page Local Privilege Escalation (ID 178794)

CVE-2025-5836 | Tenda AC9 15.03.02.13 POST Request /goform/SetIPTVCfg formSetIptv list command injection

CVE-2024-53859 | cli go-gh up to 2.11.0 Environment Variable information disclosure