Security Advisory

CVE-2015-1169

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-02-10 20:00:00

Last updated 2024-08-06 04:33:20

Assigner mitre

State PUBLISHED

Description

Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to conduct LDAP injection attacks via a crafted username, as demonstrated by using a wildcard and a valid password to bypass LDAP authentication.

← Browse all CVEs View on cve.org ↗