Details
-
Bug
-
Resolution: Fixed
-
Medium
-
2.8, 2.9.1
-
None
-
Severity 1 - Critical
-
Description
Various resources in Atlassian Crowd before before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories via examining the responses of various resources.