Details
-
Type: Monitor
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Created question in FIWARE Q/A platform on 25-01-2016 at 17:01
Please, ANSWER this question AT https://ask.fiware.org/question/336/oauth-20-vulnerabilities/
Question:
OAuth 2.0 Vulnerabilities
Description:
As FIWARE LAB / GE's are using OAUTH 2.0 https://www.fiware.org/tag/oauth/ it will be good to know, if current instances are not affected by mixed server attac on clients: https://mailarchive.ietf.org/arch/msg...
Activity
Transition | Time In Source Status | Execution Times | Last Executer | Last Execution Date | |||||
---|---|---|---|---|---|---|---|---|---|
|
8d 16h 42m | 1 | Alvaro Alonso | 04/Feb/16 9:45 AM | |||||
|
1s | 1 | Alvaro Alonso | 04/Feb/16 9:45 AM | |||||
|
1s | 1 | Alvaro Alonso | 04/Feb/16 9:45 AM |
Fernando Lopez
made changes -
Fix Version/s | 2021 [ 12600 ] |
Backlog Manager
made changes -
Summary | FIWARE.Request.Tech.Security.IDM-KeyRock.OAuth 2.0 Vulnerabilities | FIWARE.Question.Tech.Security.IDM-KeyRock.Security.IDM-KeyRock.OAuth 2.0 Vulnerabilities |
Manuel Escriche
made changes -
HD-Enabler | KeyRock [ 10889 ] | |
HD-Chapter | Security [ 10841 ] |
Alvaro Alonso
made changes -
Summary | FIWARE.Question.Tech.FIWARE.RequestTechSecurity.IDM-KeyRock.OAuth 2.0 Vulnerabilities | FIWARE.Request.Tech.Security.IDM-KeyRock.OAuth 2.0 Vulnerabilities |
Backlog Manager
made changes -
Summary | FIWARE.RequestTechSecurity.IDM-KeyRock.OAuth 2.0 Vulnerabilities | FIWARE.Question.Tech.FIWARE.RequestTechSecurity.IDM-KeyRock.OAuth 2.0 Vulnerabilities |
Backlog Manager
made changes -
Summary | FIWARE.Request.Tech.Security.IDM-KeyRock.OAuth 2.0 Vulnerabilities | FIWARE.RequestTechSecurity.IDM-KeyRock.OAuth 2.0 Vulnerabilities |
Alvaro Alonso
made changes -
Summary | FIWARE.Question.Tech.OAuth 2.0 Vulnerabilities | FIWARE.Request.Tech.Security.IDM-KeyRock.OAuth 2.0 Vulnerabilities |
Backlog Manager
made changes -
Summary | [fiware-askbot] OAuth 2.0 Vulnerabilities | FIWARE.Question.Tech.OAuth 2.0 Vulnerabilities |
Alvaro Alonso
made changes -
Resolution | Done [ 10000 ] | |
Status | Answered [ 10104 ] | Closed [ 6 ] |
Alvaro Alonso
made changes -
Status | In Progress [ 3 ] | Answered [ 10104 ] |
Alvaro Alonso
made changes -
Status | Open [ 1 ] | In Progress [ 3 ] |
Cyril Dangerville
made changes -
Assignee | Cyril Dangerville [ cyril.dangerville ] | Alvaro Alonso [ aalonsog ] |
Manuel Escriche
made changes -
Component/s | FIWARE-TECH-HELP [ 10278 ] |
Manuel Escriche
made changes -
Field | Original Value | New Value |
---|---|---|
Assignee | Cyril Dangerville [ cyril.dangerville ] |
Backlog Manager
created issue -
The IdM GE provides the OAuth Authorization Server features, including the management of OAuth clients, so re-assigning to the IdM GE owner that has a better visibility on this issue.