Skip to main content

Mod Auth Ldap2

1 CVEs product

Monthly

CVE-2020-8086 CRITICAL Act Now

The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mod Auth Ldap Mod Auth Ldap2 Debian Linux
NVD
CVSS 3.1
9.8
EPSS
1.6%
EPSS 2% CVSS 9.8
CRITICAL Act Now

The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mod Auth Ldap Mod Auth Ldap2 +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy