Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8750 | 1 Apache | 1 Karaf | 2019-04-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service. | |||||
| CVE-2011-4069 | 1 Packetfence | 1 Packetfence | 2018-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username. | |||||
| CVE-2017-4927 | 1 Vmware | 1 Vcenter Server | 2017-12-04 | 5.0 MEDIUM | 7.5 HIGH |
| VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service. | |||||
| CVE-2017-14596 | 1 Joomla | 1 Joomla\! | 2017-09-27 | 5.0 MEDIUM | 9.8 CRITICAL |
| In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. | |||||
| CVE-2017-8790 | 1 Accellion | 1 File Transfer Appliance | 2017-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier/ldaptest.html POST parameter "filter" can be used for LDAP Injection. | |||||
| CVE-2016-9870 | 1 Emc | 1 Isilon Onefs | 2017-01-24 | 7.2 HIGH | 6.7 MEDIUM |
| EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system. | |||||