CVE-2025-8662 | THREATINT

Description

OpenAM (OpenAM Consortium Edition) contains a vulnerability that may cause it to malfunction as a SAML IdP due to a tampered request.This issue affects OpenAM: from 14.0.0 through 14.0.1.

PUBLISHED Reserved 2025-08-06 | Published 2025-09-02 | Updated 2025-09-03 | Assigner openam-jp

LOW: 2.3CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L

Product status

Default status

unknown

14.0.0 (semver)

affected

Credits

Hiromu Miyazaki (OSSTech Corporation) finder

References

openam-jp.github.io/Advisories/CVE-2025-8662/

cve.org (CVE-2025-8662)

nvd.nist.gov (CVE-2025-8662)

Download JSON