Lucene search
China National Vulnerability DatabaseCNVD-2022-53544HistoryJun 30, 2022 - 12:00 a.m.
LDAP Account Manager Injection Vulnerability (CNVD-2022-53544)
2022-06-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
ldap
account manager
injection
vulnerability
cnvd-2022-53544
access control
exploited
attacker
user name
enumeration
ldap data
EPSS
0.002
Percentile
57.3%
LDAP Account Manager is a web front-end for managing entries (e.g., users, groups, DHCP settings) stored in the LDAP directory.An injection vulnerability exists in LDAP Account Manager (LAM) versions prior to 8.0, which stems from faulty access control and could be exploited by an attacker to pass the user name field at login can be used to enumerate LDAP data.
Related
ubuntucve
ubuntucve
CVE-2022-31088
2022-06-27 00:00:00
cve
cve
CVE-2022-31088
2022-06-27 21:15:08
veracode
veracode
Arbitrary Code Injection
2022-07-06 19:52:52
nvd
nvd
CVE-2022-31088
2022-06-27 21:15:08
cvelist
cvelist
CVE-2022-31088 Unauthenticated LDAP Injection in ldap-account-manager
2022-06-27 20:45:18
debiancve
debiancve
CVE-2022-31088
2022-06-27 21:15:08
prion
prion
Design/Logic Flaw
2022-06-27 21:15:00
osv
osv
CVE-2022-31088
2022-06-27 21:15:08
ldap-account-manager - security update
2022-07-05 00:00:00
debian
debian
[SECURITY] [DSA 5177-1] ldap-account-manager security update
2022-07-05 18:28:44
openvas
openvas
Debian: Security Advisory (DSA-5177-1)
2022-07-07 00:00:00
nessus
nessus
Debian DSA-5177-1 : ldap-account-manager - security update
2022-07-06 00:00:00