CVE-2016-2403

2017-02-07T17:59:00
ID CVE-2016-2403
Type cve
Reporter cve@mitre.org
Modified 2018-08-06T01:29:00

Description

Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.