NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-45160

Summary	Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty client_password parameter (client secret).
Publication Date	Oct. 9, 2024, 2:15 p.m.
Registration Date	Oct. 9, 2024, 8 p.m.
Last Update	Oct. 10, 2024, 9:51 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/tags
2	https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3223
3	https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/06d771cbc2d5c752354c50f83e4912e5879f9aa2
4	https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/236cdfe42c1dc04a15a4a40c5e6a8c2e858d71d7
5	https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/696f49a0855faeb271096dccb8381e2129687c3d

Common Vulnerabilities List