ForgeRock Access Management 6.0.0.x / 6.5.0.x / 6.5.2.x / 6.5.3 / 6.5.4 / 7.0.x / 7.1 / 7.1.1 Multiple Vulnerabilities

The version of ForgeRock Access Management detected on the remote host is affected by multiple vulnerabilities, including the following: - It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network service...

CVE-2022-24670

creationtimestamp| type| source ---|---|--- 2022-10-27 20:33:31+00:00| seen| https://t.me/cibsecurity/52163 2025-05-09 19:26:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15814...

CVE-2022-24670

An attacker can use the unrestricted LDAP queries to determine configuration entries...

CVE-2022-24670 Any user can run unrestricted LDAP queries against a configuration endpoint

An attacker can use the unrestricted LDAP queries to determine configuration entries...

CVE-2022-24670

ForgeRock Access Management (multiple versions, including 6.0.0.x–7.1.1.x) is affected by CVE-2022-24670. The root cause is unrestricted LDAP queries that allow an attacker to determine configuration entries, leading to potential information disclosure about deployment configuration (C: HIGH). Th...