Web Vulnerability Report
| ID | EDB-ID-50480 |
| CVSS 3.0 | 7.5 |
|
Cloudbric Score
?
|
Medium |
| Cloudbric Detection | Yes |
| Vulnerability Type | LDAP Injection |
| Published Date | 2021-11-03 |
| Updated Date | 2022-01-21 |
| Vendor | 13.00 |
| Description | ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a session token or a private key. |
| Reference | https://nvd.nist.gov/vuln/detail/CVE-2021-29156 |
| URL Link | https://www.exploit-db.com/exploits/50480/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
| ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
|---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now