CVE-2018-1000134

🗓️ 16 Mar 2018 14:44:29Reported by mitreType

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6 contains an Incorrect Access Control vulnerability in SimpleBindRequest class

Reporter	Title	Published	Views	Family All 22
Veracode	Improper Access Control	15 Jan 201909:23	–	veracode
Veracode	Improper Access Control	19 Mar 201805:35	–	veracode
OSV	Weak Password Requirements in UnboundID LDAP SDK	13 May 202201:48	–	osv
OSV	CVE-2018-1000134	16 Mar 201814:29	–	osv
OSV	Red Hat Security Advisory: unboundid-ldapsdk security update	13 Sep 202416:51	–	osv
Tenable Nessus	Fedora 28 : unboundid-ldapsdk (2018-e8635ed222)	3 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 26 : unboundid-ldapsdk (2018-c188d3f09a)	30 Mar 201800:00	–	nessus
Tenable Nessus	Fedora 27 : unboundid-ldapsdk (2018-0a473d6e7b)	30 Mar 201800:00	–	nessus
Tenable Nessus	RHEL 7 : Virtualization (RHSA-2018:1713)	25 May 201800:00	–	nessus
OpenVAS	Fedora Update for unboundid-ldapsdk FEDORA-2018-c188d3f09a	30 Mar 201800:00	–	openvas

Nvd

Node

pingidentity ldapsdkRange1.1.0–4.0.5java

Source	Link
securityfocus	www.securityfocus.com/bid/103458
access	www.access.redhat.com/errata/RHSA-2018:1713
github	www.github.com/pingidentity/ldapsdk/issues/40

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Mar 2018 14:29Current

9.4High risk

Vulners AI Score9.4

CVSS27.5

CVSS39.8

EPSS0.012

CWE-521