Lucene search
Veracode Vulnerability DatabaseVERACODE:31563HistoryAug 11, 2021 - 8:49 a.m.
Confidentiality Protection Bypass
2021-08-1108:49:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
apache directory studio
confidentiality protection
vulnerability
sasl authentication
EPSS
0.001
Percentile
21.6%
Apache Directory Studio is vulnerable to confidentiality protection bypass. The vulnerability exists because it does not apply SASL confidentiality layer when SASL authentication mechanism is used.
References
github.com/apache/directory-studio/commit/18ad16e89deb2998ee0fef0f16a9a85a0df1ddd2
github.com/apache/directory-studio/commit/b53667ab3b87afcfcd6f1b1df90d733636cfc888
issues.apache.org/jira/browse/DIRSTUDIO-1219
issues.apache.org/jira/browse/DIRSTUDIO-1220
lists.apache.org/thread.html/rb1dbcc43a5b406e45d335343a1704f4233de613140a01929d102fdc9%40%3Cusers.directory.apache.org%3E
Related
github
github
Missing encryption in Apache Directory Studio
2021-08-09 20:40:53
nvd
nvd
CVE-2021-33900
2021-07-26 07:15:07
cve
cve
CVE-2021-33900
2021-07-26 07:15:07
cvelist
cvelist
CVE-2021-33900 StartTLS and SASL confidentiality protection bypass
2021-07-26 07:05:10
prion
prion
Authentication flaw
2021-07-26 07:15:00
ubuntucve
ubuntucve
CVE-2021-33900
2021-07-26 00:00:00
osv
osv
Missing encryption in Apache Directory Studio
2021-08-09 20:40:53
CVE-2021-33900
2021-07-26 07:15:07