CVE-2022-31088

MEDIUM Year: 2022
CVSS v3 Score
6.5
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-74
View all →

Vulnerability Description

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0.

Related Vulnerabilities

CVE-2015-10040

MEDIUM
CVSS:6.5(Medium)

A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Han...

CWE-742015

CVE-2016-0881

MEDIUM
CVSS:6.5(Medium)

EMC Documentum xCP 2.1 before patch 23 and 2.2 before patch 11 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and obtain sensitive repository informatio...

CWE-742016

CVE-2016-10761

MEDIUM
CVSS:6.5(Medium)

Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.

CWE-742016

CVE-2016-6473

MEDIUM
CVSS:6.5(Medium)

A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCux...

CWE-742016

CVE-2017-8458

MEDIUM
CVSS:6.5(Medium)

Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed without a clear UI indication that it is not a resource on the safe.example...

CWE-742017

CVE-2019-3498

MEDIUM
CVSS:6.5(Medium)

In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defau...

CWE-742019