Описание
When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management (IDM) and Remote Connector Server (RCS)
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.5.20.9 (исключая)
cpe:2.3:a:forgerock:ldap_connector:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00322
Низкий
9.3 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-284
CWE-863
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management (IDM) and Remote Connector Server (RCS)
EPSS
Процентиль: 55%
0.00322
Низкий
9.3 Critical
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-284
CWE-863