exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2014-0097

больше 8 лет назад

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.

CVSS3: 7.3

EPSS: Низкий

CVE-2014-0097

почти 12 лет назад

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.

CVSS2: 7.5

EPSS: Низкий

CVE-2014-0097

больше 8 лет назад

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.

CVSS3: 7.3

EPSS: Низкий

CVE-2014-0097

больше 8 лет назад

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 ...

CVSS3: 7.3

EPSS: Низкий

GHSA-gv9v-c375-hvmg

больше 3 лет назад

Improper Authentication in Spring Security

CVSS3: 7.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-0097 The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.	CVSS3: 7.3	0% Низкий	больше 8 лет назад
CVE-2014-0097 The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.	CVSS2: 7.5	0% Низкий	почти 12 лет назад
CVE-2014-0097 The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.	CVSS3: 7.3	0% Низкий	больше 8 лет назад
CVE-2014-0097 The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 ...	CVSS3: 7.3	0% Низкий	больше 8 лет назад
GHSA-gv9v-c375-hvmg Improper Authentication in Spring Security	CVSS3: 7.3	0% Низкий	больше 3 лет назад

Уязвимостей на страницу