An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 10.0 |