Security Advisory

CVE-2021-43350

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-11 13:00:15

Last updated 2024-08-04 03:55:28

Assigner apache

State PUBLISHED

Description

An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter.

← Browse all CVEs View on cve.org ↗