2010-04-28 23:00:00
mitre
PUBLISHED
Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.