Описание
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP.
EPSS
Процентиль: 26%
0.0009
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-922
Связанные уязвимости
CVSS3: 6.5
github
почти 2 года назад
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP.
EPSS
Процентиль: 26%
0.0009
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-922