CVE-2023-23951

2023-01-2400:00:00

symantec

www.cve.org

oracle ldap

attribute enumeration

application query modification

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.1%

JSON

Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Symantec Identity Management And Governance",
    "versions": [
      {
        "version": "14.3, 14.4.1, 14.4.2",
        "status": "affected"
      }
    ]
  }
]

References

support.broadcom.com/external/content/SecurityAdvisories/0/21174