Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-38266
HistoryMar 02, 2022 - 11:00 p.m.

CVE-2021-38266

2022-03-0223:00:44
mitre
www.cve.org
3
portal security
liferay portal
ldap import
remote attackers
user authentication

EPSS

0.003

Percentile

72.0%

JSON

The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign in as a user that exist in LDAP.

Related

osv 2
cve 1
nvd 1
veracode 1
cnvd 1
prion 1
osv
osv
CVE-2021-38266
2022-03-02 23:15:08
BIT-liferay-2021-38266
2024-01-31 15:22:00
cve
cve
CVE-2021-38266
2022-03-02 23:15:08
nvd
nvd
CVE-2021-38266
2022-03-02 23:15:08
veracode
veracode
Denial Of Service (DoS)
2022-03-04 20:13:10
cnvd
cnvd
Liferay Portal and Liferay DXP Denial of Service Vulnerability
2022-03-04 00:00:00
prion
prion
Code injection
2022-03-02 23:15:00

EPSS

0.003

Percentile

72.0%

JSON
Related for CVELIST:CVE-2021-38266
osv2cve1nvd1veracode1cnvd1prion1