Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-2E698F41CE9168C14E21BC498E1D0548HistorySep 09, 2019 - 12:00 a.m.
Improper Authentication
2019-09-0900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
8
0.004 Low
EPSS
Percentile
74.9%
Improper authentication is possible in Apache Traffic Control versions if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user’s correct password.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/github.com/apache/trafficcontrol | ge | 3.0.0 | |
| go/github.com/apache/trafficcontrol | le | 3.0.1 |
References
Related
gitlab
gitlab
Improper Authentication
2021-05-18 00:00:00
veracode
veracode
Authentication Bypass
2019-09-09 05:35:09
osv
osv
Improper Authentication in Apache Traffic Control
2021-05-18 15:39:16
CVE-2019-12405
2019-09-09 17:15:13
prion
prion
Authentication flaw
2019-09-09 17:15:00
github
github
Improper Authentication in Apache Traffic Control
2021-05-18 15:39:16
cvelist
cvelist
CVE-2019-12405
2019-09-09 16:36:25
nvd
nvd
CVE-2019-12405
2019-09-09 17:15:13
f5
f5
K84141859 : Apache Traffic Control vulnerability CVE-2019-12405
2019-09-26 00:00:00
cve
cve
CVE-2019-12405
2019-09-09 17:15:13