Pete Maan

1 exploit Active since Sep 2025
CVE-2025-59270 WRITEUP LOW WRITEUP
psPAS PowerShell module - Info Disclosure
psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the TLS handshake and downgrade TLS to a deprecated protocol. Fixed in 7.0.209.
CVSS 3.1