Lucene search
GoogleOSV:CVE-2022-31084HistoryJun 27, 2022 - 9:15 p.m.
CVE-2022-31084
2022-06-2721:15:08
Google
osv.dev
5
ldap account manager
object instantiation
arbitrary classes
code execution
cve-2022-31084
security issue
fixed version 8.0
webfrontend
ldap directory
entry management
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. This can lead to code execution if non-LAM classes are instantiated that execute code during object creation. This issue has been fixed in version 8.0.
Related
debiancve
debiancve
CVE-2022-31084
2022-06-27 21:15:08
ubuntucve
ubuntucve
CVE-2022-31084
2022-06-27 00:00:00
cvelist
cvelist
CVE-2022-31084 Unauthenticated Remote Code Execution in ldap-account-manager
2022-06-27 20:55:11
cve
cve
CVE-2022-31084
2022-06-27 21:15:08
veracode
veracode
Remote Code Execution
2022-07-06 19:52:50
cnvd
cnvd
LDAP Account Manager Parameter Injection Vulnerability
2022-06-30 00:00:00
prion
prion
Code injection
2022-06-27 21:15:00
nvd
nvd
CVE-2022-31084
2022-06-27 21:15:08
nessus
nessus
Debian DSA-5177-1 : ldap-account-manager - security update
2022-07-06 00:00:00
debian
debian
[SECURITY] [DSA 5177-1] ldap-account-manager security update
2022-07-05 18:28:44
osv
osv
ldap-account-manager - security update
2022-07-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5177-1)
2022-07-07 00:00:00