Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-23333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log...

7.9CVSS7.7AI score0.17868EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 7:24 a.m.7 views

CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

7.9CVSS6.5AI score0.17868EPSS
Exploits0References1
OSV
OSV
added 2024/12/17 10:15 p.m.3 views

UBUNTU-CVE-2024-52792

LDAP Account Manager LAM is a php webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In affected versions LAM does not properly sanitize configuration values, that are set via mainmanage.php and confmain.php. This allows setting arbitrary config values...

6.5CVSS5.9AI score0.00696EPSS
Exploits0References6
Circl
Circl
added 2024/03/18 10:26 p.m.8 views

CVE-2024-23333

creationtimestamp| type| source ---|---|--- 2024-03-18 22:26:42+00:00| seen| https://t.me/ctinow/210999 2024-03-18 22:26:45+00:00| seen| https://t.me/ctinow/211002 2024-12-17 21:50:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113670373972746279 2024-12-18 00:18:39+00:00| seen|...

7.9CVSS7.6AI score0.17868EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/03/18 9:7 p.m.14 views

CVE-2024-23333 LAM vulnerable to Authenticated Remote Code Execution

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

7.9CVSS6.9AI score0.17868EPSS
Exploits0References2
CVE
CVE
added 2024/03/18 9:7 p.m.86 views

CVE-2024-23333

LAM (LDAP Account Manager) contains a vulnerability where log configuration allows arbitrary log-file paths. In versions before 8.7, an attacker could cause PHP code to be written to a log file and later executed when accessed via web. Mitigation requires knowledge of LAM’s master configuration p...

7.9CVSS6.8AI score0.17868EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/03/18 9:7 p.m.22 views

CVE-2024-23333

LDAP Account Manager LAM is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and cause LAM to log some PHP code to this file. When th...

7.9CVSS7.7AI score0.17868EPSS
Exploits0
Rows per page
Query Builder