CVE-2022-37397
CVE-2022-37397 affects YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft AD. If anonymous or unauthenticated LDAP binding is enabled, authentication can be bypassed with an empty password. Connected sources provide no exploitation details. Practical impact is authentica...