Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-5060

Various resources included the current remote directory password in their responses - CVE-2016-10740

    XMLWordPrintable

    Details

      Description

      Various resources in Atlassian Crowd before before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories via examining the responses of various resources.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              security-metrics-bot SecurityB
              Participants:
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Last commented:
                49 weeks, 5 days ago