Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-5060

Various resources included the current remote directory password in their responses - CVE-2016-10740

    XMLWordPrintable

    Details

      Description

      Various resources in Atlassian Crowd before before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories via examining the responses of various resources.

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            security-metrics-bot SecurityB
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Last commented:
              1 year, 24 weeks ago