3 matches found
CVE-2022-31088
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...
CVE-2022-31088 Unauthenticated LDAP Injection in ldap-account-manager
LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...
CVE-2022-31088
The CVE-2022-31088 issue affects LDAP Account Manager (LAM). In versions prior to 8.0, the username field at login could be used to enumerate LDAP data during LDAP search configuration. This is limited to enumeration during login and does not mention broader code execution paths. The vulnerabilit...