exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2021-40874

больше 3 лет назад

An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-40874

больше 3 лет назад

An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-40874

больше 3 лет назад

An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ...

CVSS3: 9.8

EPSS: Низкий

GHSA-gvrq-49rv-2rq7

больше 3 лет назад

An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-40874 An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.	CVSS3: 9.8	0% Низкий	больше 3 лет назад
CVE-2021-40874 An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.	CVSS3: 9.8	0% Низкий	больше 3 лет назад
CVE-2021-40874 An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ...	CVSS3: 9.8	0% Низкий	больше 3 лет назад
GHSA-gvrq-49rv-2rq7 An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.	CVSS3: 9.8	0% Низкий	больше 3 лет назад

Уязвимостей на страницу