Lucene search
K

4 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.29 views

K03863974: Apache LDAP vulnerability CVE-2018-1337

Security Advisory Description In Apache LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to...

9.8CVSS9.1AI score0.0531EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/11 8:43 p.m.13 views

Security Bulletin: IBM Security Verify Information Queue uses Apache LDAP API with a known vulnerability (CVE-2018-1337)

Summary IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Apache Directory LDAP API that is vulnerable to leaking sensitive information. ISIQ v10.0.3 upgraded to a newer Apache LDAP API that does not have the vulnerability. Vulnerability Details CVEID: CVE-2018-1337...

9.8CVSS0.9AI score0.0531EPSS
Exploits0Affected Software1
CVE
CVE
added 2018/07/10 1:0 p.m.81 views

CVE-2018-1337

CVE-2018-1337 affects Apache Directory LDAP API prior to 1.0.2. Root cause: a flaw in the SSL Filter setup allows a thread to reuse a connection before TLS is established, potentially leaking data from a request (including credentials from BIND) when a connection is pulled from the pool. Impact: ...

9.8CVSS9.2AI score0.0531EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2018/07/10 1:0 p.m.7 views

CVE-2018-1337

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...

9.8CVSS7.2AI score0.0531EPSS
Exploits0
Rows per page
Query Builder