Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-31084

Опубликовано: 27 июн. 2022
Источник: ubuntu
Приоритет: medium
CVSS2: 6.8
CVSS3: 8.1

Описание

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. This can lead to code execution if non-LAM classes are instantiated that execute code during object creation. This issue has been fixed in version 8.0.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

not-affected

8.0.1-1
esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
impish

ignored

end of life
jammy

needs-triage

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-31084

CVSS3: 8.1
nvd
больше 3 лет назад

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. This can lead to code execution if non-LAM classes are instantiated that execute code during object creation. This issue has been fixed in version 8.0.

debian логотип

CVE-2022-31084

CVSS3: 8.1
debian
больше 3 лет назад

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. ...

fstec логотип

BDU:2022-04001

CVSS3: 9
fstec
больше 3 лет назад

Уязвимость веб-приложения управления учетными записями LDAP Account Manager, связанная с внедрением или модификацией аргументов, позволяющая нарушителю выполнить произвольный код

6.8 Medium

CVSS2

8.1 High

CVSS3