cvedb.io
CVE-2015-6671
MEDIUM · CVSS 5.9
EPSS exploitation probability: 0%
Published 2017-03-13T07:59:00.157 · Last modified 2026-06-17T00:31:13.140

Summary

Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging access to a database backup.

Affected products

edx — edx-platform

Does this affect you?

Add your gear to cvedb and we'll alert you only when edx ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.