Security Advisory

CVE-2015-5649

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-10-08 20:00:00

Last updated 2024-08-06 06:59:03

Assigner jpcert

State PUBLISHED

Description

Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allows remote authenticated users to conduct LDAP injection attacks, and consequently bypass intended login restrictions or obtain sensitive information, by leveraging certain group-administration privileges.

← Browse all CVEs View on cve.org ↗