An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/ynz3hhbbq6d980fzpncwbh5jd8mkyt5y | Mailing List |
Configurations
History
24 Jan 2024, 19:38
Type | Values Removed | Values Added |
---|---|---|
First Time |
Apache identity Backend
|
|
CPE | cpe:2.3:a:apache:identity_backend:*:*:*:*:*:*:*:* |
07 Nov 2023, 04:09
Type | Values Removed | Values Added |
---|---|---|
Summary | An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3. |
Information
Published : 2023-02-20 16:15
Updated : 2024-02-28 19:51
NVD link : CVE-2023-25613
Mitre link : CVE-2023-25613
CVE.ORG link : CVE-2023-25613
JSON object : View
Products Affected
apache
- identity_backend
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')