LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string.
References
Link | Resource |
---|---|
https://github.com/ltb-project/self-service-password/issues/209 | Third Party Advisory |
https://github.com/ltb-project/self-service-password/issues/211 | Third Party Advisory |
https://lists.ltb-project.org/pipermail/ltb-announce/2018-June/000023.html | Mailing List Patch Vendor Advisory |
https://github.com/ltb-project/self-service-password/issues/209 | Third Party Advisory |
https://github.com/ltb-project/self-service-password/issues/211 | Third Party Advisory |
https://lists.ltb-project.org/pipermail/ltb-announce/2018-June/000023.html | Mailing List Patch Vendor Advisory |
Configurations
History
21 Nov 2024, 03:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/ltb-project/self-service-password/issues/209 - Third Party Advisory | |
References | () https://github.com/ltb-project/self-service-password/issues/211 - Third Party Advisory | |
References | () https://lists.ltb-project.org/pipermail/ltb-announce/2018-June/000023.html - Mailing List, Patch, Vendor Advisory |
Information
Published : 2018-06-14 19:29
Updated : 2024-11-21 03:45
NVD link : CVE-2018-12421
Mitre link : CVE-2018-12421
CVE.ORG link : CVE-2018-12421
JSON object : View
Products Affected
ltb-project
- ldap_tool_box_self_service_password
CWE
CWE-640
Weak Password Recovery Mechanism for Forgotten Password