CVSS3 base score: 7.5 (High)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS score: 0.001 (Low)
EPSS percentile: 43.1%
cas-server-support-x509-core is vulnerable to credential leakage. The vulnerability exists because the prepareConnectionFactory function of LdaptiveResourceCRLFetcher.java does not properly validate the ldapURL parameter taken from the client certificate. When CAS is configured to use X509 certificate authentication backed by an LDAP directory, an attacker can present a maliciously crafted X509 client certificate whose "CRL Distribution Points" extension contains URLs pointing to a malicious resource; the server then connects to that resource using its LDAP authentication credentials, leaking them.