Web Vulnerability Report
ID | EDB-ID-50480 |
CVSS 3.0 | 7.5 |
Cloudbric Score
?
|
Medium |
Cloudbric Detection | Yes |
Vulnerability Type | LDAP Injection |
Published Date | 2021-11-03 |
Updated Date | 2022-01-21 |
Vendor | 13.00 |
Description | ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a session token or a private key. |
Reference | https://nvd.nist.gov/vuln/detail/CVE-2021-29156 |
URL Link | https://www.exploit-db.com/exploits/50480/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now