Authentication flaw

2018-02-0117:29:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.6%

JSON

html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username.

CPENameOperatorVersion
packetfencele3.0.1

CPE	Name	Operator	Version
	packetfence	le	3.0.1

References

packetfence.org/bugs/changelog_page.php?version_id=35

packetfence.org/bugs/view.php?id=1293