CVE-2015-5246

Опубликовано: 06 окт. 2017

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

Ссылки

http://projects.theforeman.org/issues/11471
Issue Tracking
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1258700
Issue Tracking
http://projects.theforeman.org/issues/11471
Issue Tracking
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1258700
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:theforeman:foreman:1.9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00711

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-254

Связанные уязвимости

CVE-2015-5246

redhat

больше 10 лет назад

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

CVE-2015-5246

CVSS3: 8.1

debian

больше 8 лет назад

The LDAP Authentication functionality in Foreman might allow remote at ...

GHSA-4468-gjjg-mh5q

CVSS3: 8.1

github

больше 3 лет назад

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

EPSS

Процентиль: 72%

0.00711

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-254