Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combination authentication plug-in, any password will be recognized as valid for an existing user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LemonLDAP::NG 授权问题漏洞
Vulnerability Description
LemonLDAP::NG是一套Web单点登录和访问管理软件。 LemonLDAP::NG 2.0.13 版本存在安全漏洞,该漏洞源于当使用 RESTServer 插件操作 REST 密码验证服务时,并使用 Kerberos 认证方法与组合认证插件的另一种方法相结合,任何密码都将被识别为对现有用户有效。
CVSS Information
N/A
Vulnerability Type
N/A