Vulnrichment / MITRE / VULNRICHMENT:CVE-2020-17477
Oct 26, 2023 - 12:00 a.m.

CVE-2020-17477

2023-10-26 00:00:00
mitre
github.com
Tags: ldap, ucs@school, remote access, sensitive information, cve-2020-17477, acls, password hashes, ntlm hash

AI Score: 7.5 (Confidence: Low)
EPSS: 0.001 (Percentile: 21.4%)
SSVC: Exploitation: none; Automatable: no; Technical Impact: partial

Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sambaPasswordHistory, and pwhistory) via LDAP search requests. For example, a teacher can gain administrator access via an NTLM hash.
