Описание
Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | not-affected | 1.2.3-5 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 1.2.3-5 |
| esm-apps/jammy | not-affected | 1.2.3-5 |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | 1.2.3-5 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 2.7.4+reloaded3-9 |
| disco | ignored | end of life |
| eoan | not-affected | 2.7.4+reloaded3-9 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 2.7.4+reloaded3-9 |
| esm-apps/jammy | not-affected | 2.7.4+reloaded3-9 |
| esm-apps/noble | not-affected | 2.7.4+reloaded3-9 |
| esm-apps/xenial | released | 2.7.4+reloaded2-9ubuntu1.1 |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.
Incorrect Access Control in the LDAP class of GONICUS GOsa through 201 ...
Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3