CVE-2016-8750
N/A
N/A
Summary
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache Karaf | prior to 4.0.8 | affected |
Weaknesses
- Injection Attack
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2018:1322
- https://karaf.apache.org/security/cve-2016-8750.txt
- http://www.securityfocus.com/bid/103098
References
- https://access.redhat.com/errata/RHSA-2018:1322
- https://karaf.apache.org/security/cve-2016-8750.txt
- http://www.securityfocus.com/bid/103098
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.