Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sambaPasswordHistory, and pwhistory) via LDAP search requests. For example, a teacher can gain administrator access via an NTLM hash.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
UCS@school 安全漏洞
Vulnerability Description
UCS@school是一个全面的解决方案,可提供对学校基础设施和应用程序的访问以及操作它们的完整工具集。 UCS@school 4.4v5-errata 之前版本存在安全漏洞,该漏洞源于ucs-school-ldap-acls-master 中的 LDAP ACL 不正确,允许远程教师、员工和学校管理员通过 LDAP 搜索请求读取 LDAP 密码哈希。
CVSS Information
N/A
Vulnerability Type
N/A