GHSA-chj8-5xgw-wcvj

Published: 07 Jan 2019
Source: github
Github: Reviewed
CVSS3: 6.5

Description

Moderate severity vulnerability that affects org.apache.karaf:apache-karaf

Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.

Packages

Name: org.apache.karaf:apache-karaf (maven)
Affected versions: < 4.0.8
Fixed version: 4.0.8

EPSS

Percentile: 81%
0.0151
Low

6.5 Medium

CVSS3

Weaknesses

CWE-90

Related vulnerabilities

CVSS3: 7.5
redhat
about 9 years ago

Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.

CVSS3: 6.5
nvd
almost 8 years ago

Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.

CVSS3: 6.5
debian
almost 8 years ago

Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate u ...
