Security Advisory

CVE-2022-43959

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-20 00:00:00

Last updated 2025-04-02 16:00:55

Assigner mitre

State PUBLISHED

Description

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.

← Browse all CVEs View on cve.org ↗