logo
DATABASE RESOURCES PRICING ABOUT US

LDAP Account Manager Injection Vulnerability (CNVD-2022-53544)

Description

LDAP Account Manager is a web front-end for managing entries (e.g., users, groups, DHCP settings) stored in the LDAP directory.An injection vulnerability exists in LDAP Account Manager (LAM) versions prior to 8.0, which stems from faulty access control and could be exploited by an attacker to pass the user name field at login can be used to enumerate LDAP data.


Affected Software


CPE Name Name Version
ldap account manager ldap account manager 8.0

Related