Lucene search
+L

5 matches found

ibm
ibm
added 2025/03/10 3:28 p.m.10 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to LDAP injection due to hbase-client

Summary hbase-client is used by the ds-cas-lite microservice as part of the HBase API functionality. Vulnerability Details CVEID:CVE-2023-25613 DESCRIPTION: Apache Kerby could allow a remote attacker to conduct an LDAP injection, caused by a flaw in LdapIdentityBackend. By sending a request with ...

9.8CVSS9.2AI score0.01491EPSS
Exploits0Affected Software1
vulnersosv
vulnersosv
added 2023/02/20 6:30 p.m.7 views

org.apache.kerby:kerby-kdc-test (>=1.0.0-RC1 <=1.0.0-RC2) potentially affected by CVE-2023-25613 via org.apache.kerby:ldap-backend (>=1.0.0-RC1 <=1.0.0-RC2)

org.apache.kerby:ldap-backend MAVEN version =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC2 Source cves: CVE-2023-25613 Source advisory: OSV:GHSA-337F-XR2X-6FCF...

9.8CVSS7.2AI score0.01491EPSS
Exploits0
nvd
nvd
added 2023/02/20 4:15 p.m.19 views

CVE-2023-25613

An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3...

9.8CVSS9.7AI score0.01491EPSS
Exploits0References1
cve
cve
added 2023/02/20 3:29 p.m.114 views

CVE-2023-25613

CVE-2023-25613 is an LDAP injection in Apache Kerby via LdapIdentityBackend. IBM/Cloudera advisories list CVE-2023-25613 among vulnerabilities affecting CDP (e.g., 7.1.9 HF2) and IBM DataStage on Cloud Pak for Data. Remediation provided: upgrade to Cloud Pak for Data 5.0.0+ for DataStage on Cloud...

9.8CVSS9.6AI score0.01491EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2023/02/20 3:29 p.m.28 views

CVE-2023-25613 LDAP Injection Vulnerability in Apache Kerby

An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3...

9.8AI score0.01491EPSS
Exploits0References1
Rows per page
Query Builder