Описание
The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | needs-triage | |
| jammy | needs-triage | |
| noble | DNE | |
| plucky | needs-triage | |
| questing | needs-triage |
Показывать по
EPSS
4.9 Medium
CVSS3
Связанные уязвимости
The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change.
The LDAP 'Bind password' value cannot be read after saving, but a Supe ...
The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change.
Уязвимость универсальной системы мониторинга Zabbix, связанная с предоставлением конфиденциальной информации неавторизованному лицу, позволяющая нарушителю получить доступ к конфиденциальной информации
EPSS
4.9 Medium
CVSS3