Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-5060

Various resources included the current remote directory password in their responses - CVE-2016-10740

    XMLWordPrintable

Details

    Description

      Various resources in Atlassian Crowd before before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories via examining the responses of various resources.

      Attachments

        Activity

          People

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: