CVE-2018-11407

🗓️ 13 Jun 2018 16:01:29Reported by mitreType

CVE-2018-11407: LDAP component in Symfony allows bypassing authenticatio

Reporter	Title	Published	Views	Family All 44
NVD	CVE-2018-11407	13 Jun 201816:29	–	nvd
NVD	CVE-2016-2403	7 Feb 201717:59	–	nvd
Symfony	CVE-2018-11407: Unauthorized access on a misconfigured LDAP server when using an empty password	25 May 201800:00	–	symfony
Symfony	CVE-2016-2403: Unauthorized access on a misconfigured Ldap server when using an empty password	9 May 201600:00	–	symfony
Github Security Blog	Symfony Authentication Bypass	14 May 202203:10	–	github
Github Security Blog	Symfony Authentication Bypass	14 May 202203:10	–	github
Debian CVE	CVE-2018-11407	13 Jun 201816:29	–	debiancve
Debian CVE	CVE-2016-2403	7 Feb 201717:59	–	debiancve
Cvelist	CVE-2018-11407	13 Jun 201816:00	–	cvelist
Cvelist	CVE-2016-2403	7 Feb 201717:00	–	cvelist

Nvd

Node

sensiolabs symfonyRange2.8.0–2.8.37

sensiolabs symfonyRange3.3.0–3.3.17

sensiolabs symfonyRange3.4.0–3.4.7

sensiolabs symfonyRange4.0.0–4.0.7

Source	Link
symfony	www.symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jun 2018 16:29Current

8.2High risk

Vulners AI Score8.2

CVSS27.5

CVSS39.8

EPSS0.00609

CWE-287