Computer Security
[EN] securityvulns.ru no-pyccku


Apache CloudStac authentication bypass
Published:29.12.2014
Source:
SecurityVulns ID:14185
Type:remote
Threat Level:
5/10
Description:Password is not checked for LDAP binds.
Affected:APACHE : CloudStack 4.4
CVE:CVE-2014-7807 (Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.)
Original documentdocumentAPACHE, [CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds (29.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod