Apache Directory Studio is vulnerable to confidentiality protection bypass. The vulnerability exists because it does not apply SASL confidentiality layer when SASL authentication mechanism is used.
github.com/apache/directory-studio/commit/18ad16e89deb2998ee0fef0f16a9a85a0df1ddd2
github.com/apache/directory-studio/commit/b53667ab3b87afcfcd6f1b1df90d733636cfc888
issues.apache.org/jira/browse/DIRSTUDIO-1219
issues.apache.org/jira/browse/DIRSTUDIO-1220
lists.apache.org/thread.html/rb1dbcc43a5b406e45d335343a1704f4233de613140a01929d102fdc9%40%3Cusers.directory.apache.org%3E