Lucene search
Veracode Vulnerability DatabaseVERACODE:27716HistoryOct 29, 2020 - 9:51 p.m.
Authentication Bypass
2020-10-2921:51:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.002 Low
EPSS
Percentile
55.1%
gosa is vulnerable to authentication bypass. An attacker is able to authenticate as any user using a username containing the case-insensitive substring success with an arbitrary password.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gosa:xenial | eq | 2.7.4+reloaded2-9ubuntu1 | |
| gosa:xenial | eq | 2.7.4+reloaded2-9ubuntu1 |
Related
debian
debian
[SECURITY] [DLA 1875-1] fusiondirectory security update
2019-08-11 02:09:57
[SECURITY] [DLA 1876-1] gosa security update
2019-08-11 02:11:12
openvas
openvas
Debian: Security Advisory (DLA-1875-1)
2019-08-12 00:00:00
Debian: Security Advisory (DLA-1876-1)
2019-08-12 00:00:00
Ubuntu: Security Advisory (USN-4609-1)
2020-10-29 00:00:00
nessus
nessus
Debian DLA-1876-1 : gosa security update
2019-08-12 00:00:00
Debian DLA-1875-1 : fusiondirectory security update
2019-08-12 00:00:00
Ubuntu 16.04 LTS : GOsa vulnerabilities (USN-4609-1)
2020-10-29 00:00:00
cvelist
cvelist
CVE-2019-11187
2019-08-15 16:21:51
nvd
nvd
CVE-2019-11187
2019-08-15 17:15:12
cve
cve
CVE-2019-11187
2019-08-15 17:15:12
ubuntucve
ubuntucve
CVE-2019-11187
2019-08-15 00:00:00
prion
prion
Improper access control
2019-08-15 17:15:00
debiancve
debiancve
CVE-2019-11187
2019-08-15 17:15:12
osv
osv
gosa - security update
2019-08-10 00:00:00
fusiondirectory - security update
2019-08-10 00:00:00
gosa vulnerabilities
2020-10-28 19:46:46
ubuntu
ubuntu
GOsa vulnerabilities
2020-10-28 00:00:00