CNNVD-202507-052 Information
CNNVD ID
CNNVD-202507-052
Related CVE
- CNNVD Published: 2025-07-01
Description (Chinese)
One Identity OneLogin AD Connector是美国One Identity公司的一个连接器软件。 One Identity OneLogin AD Connector存在安全漏洞,该漏洞源于云基础设施配置不当导致日志数据泄露。
Description (English)
One Identity OneLogin AD Contractor is a connection software for One Identity in the United States. One Identity OneLogin AD Connéctor has a security loophole, which arises from the inappropriate configuration of the cloud infrastructure, resulting in the leakage of log data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Oneflow
Published
2025-07-01
Last Modified
2026-02-24
References
https://vulncheck.com/advisories/onelogin-ad-connector-account-compromise https://specterops.io/blog/2025/06/10/onelogin-many-issues-how-i-pivoted-from-a-trial-tenant-to-compromising-customer-signing-keys/ https://support.onelogin.com/product-notification/noti-00001768 https://access.redhat.com/security/cve/cve-2025-34064
Patch
https://support.onelogin.com/product-notification/noti-00001768
Share on: