9.3 CRITICAL
- CVSS version (CVSS): 4.0
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Attack Requirement (AT): None (N)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Vulnerable System Impact Confidentiality (VC): High (H)
- Vulnerable System Impact Integrity (VI): High (H)
- Vulnerable System Impact Availability (VA): None (N)
- Subsequent System Impact Confidentiality (SC): None (N)
- Subsequent System Impact Integrity (SI): None (N)
- Subsequent System Impact Availability (SA): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Attack Requirement (MAT): None (N)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Vulnerable System Impact Confidentiality (MVC): High (H)
- Modified Vulnerable System Impact Integrity (MVI): High (H)
- Modified Vulnerable System Impact Availability (MVA): None (N)
- Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
- Modified Subsequent System Impact Integrity (MSI): Negligible (N)
- Modified Subsequent System Impact Availability (MSA): Negligible (N)
- Safety (S): Not Defined (X)
- Automatable (AU): Not Defined (X)
- Recovery (R): Not Defined (X)
- Value Density (V): Not Defined (X)
- Vulnerability Response Effort (RE): Not Defined (X)
- Provider Urgency (U): Not Defined (X)
- Confidentiality Req. (CR): Not Defined (X)
- Integrity Req. (IR): Not Defined (X)
- Availability Req. (AR): Not Defined (X)
- Exploit Maturity (E): Not Defined (X)
Activity log
- Created suggestion
LDAP StartTLS unconditionally disables hostname verification
A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user password sent during simple-bind authentication, and return forged group memberships that grant themselves admin scopes. This affects every deployment that authenticates users against LDAP over StartTLS. Affected versions: UAA versions prior to v78.13.0; Cf-deployment versions prior to v56.2.0.
Affected products
- <78.13.0
- <56.2.0
Matching in nixpkgs
pkgs.rubyPackages.cf-uaac
None
pkgs.rubyPackages.cf-uaa-lib
None
pkgs.haskellPackages.quaalude
Extremely minimal prelude
pkgs.rubyPackages_3_3.cf-uaac
None
pkgs.rubyPackages_3_4.cf-uaac
None
pkgs.rubyPackages_4_0.cf-uaac
None
pkgs.rubyPackages_3_3.cf-uaa-lib
None
pkgs.rubyPackages_3_4.cf-uaa-lib
None
pkgs.rubyPackages_4_0.cf-uaa-lib
None
pkgs.typstPackages.modern-buaa-thesis
A modern thesis template for BUAA
pkgs.typstPackages.buaa-unofficial-gradient
A Typst template for BUAA slides based on Touying
pkgs.typstPackages.modern-buaa-thesis_0_1_0
A modern thesis template for BUAA
pkgs.typstPackages.modern-buaa-thesis_0_1_1
A modern thesis template for BUAA
pkgs.typstPackages.modern-buaa-thesis_0_1_2
A modern thesis template for BUAA
pkgs.typstPackages.modern-buaa-thesis_0_2_0
A modern thesis template for BUAA
Package maintainers
-
@RossSmyth Ross Smyth
-
@cherrypiejam Gongqi Huang