Lucene search
K

8 matches found

UbuntuCve
UbuntuCve
added 2017/05/25 5:29 p.m.33 views

CVE-2014-0097

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password...

7.5CVSS7.1AI score0.01209EPSS
Exploits0References2
NVD
NVD
added 2017/05/25 5:29 p.m.16 views

CVE-2014-0097

The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password...

7.5CVSS7.1AI score0.01209EPSS
Exploits0References2
CVE
CVE
added 2017/05/25 5:0 p.m.88 views

CVE-2014-0097

The CVE affects Spring Security’s ActiveDirectoryLdapAuthenticator (versions 3.2.0–3.2.1 and 3.1.0–3.1.5). It does not enforce password length, which can allow authentication of a user with an empty password if the directory permits anonymous binds. This is the stated vulnerability and its impact...

7.5CVSS7AI score0.01209EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2014/08/31 12:0 a.m.19 views

Fedora Update for springframework-security FEDORA-2014-9648

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.01808EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/08/31 12:0 a.m.28 views

Fedora Update for springframework-security FEDORA-2014-9646

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.01808EPSS
Exploits0References2
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.126 views

CVE-2014-0097 Spring Security Blank password may bypass user authentication

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0097 Blank password may bypass user authentication Severity: Important Vendor: Spring by Pivotal Versions Affected: - - Spring Security 3.2.0 to 3.2.1 - - Spring Security 3.1.0 to 3.1.5 Description: The ActiveDirectoryLdapAuthenticator does n...

7.5CVSS0.3AI score0.01209EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/03/22 12:0 a.m.21 views

Fedora 20 : springframework-security-3.1.6-1.fc20 (2014-3811)

This update fixes CVE-2014-0097. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

7.5CVSS7.5AI score0.01209EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/03/22 12:0 a.m.23 views

Fedora 19 : springframework-security-3.1.6-1.fc19 (2014-3812)

This update fixes CVE-2014-0097. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

7.5CVSS7.5AI score0.01209EPSS
Exploits0References3
Rows per page
Query Builder