3 matches found
CVE-2022-22975
An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...
CVE-2022-22975
creationtimestamp| type| source ---|---|--- 2022-05-11 20:34:51+00:00| seen| https://t.me/cibsecurity/42396...
CVE-2022-22975
CVE-2022-22975 affects VMware Pinniped Pinniped Supervisor components that handle LDAPIdentityProvider or ActiveDirectoryIdentityProvider. The root cause is unvalidated LDAP/AD query construction when a malicious user alters the CN to contain special characters, enabling LDAP query injection in t...