Filtered by vendor Univention
Subscriptions
Filtered by product Ucs\@school
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-17477 | 1 Univention | 1 Ucs\@school | 2024-09-10 | 6.5 Medium |
| Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sambaPasswordHistory, and pwhistory) via LDAP search requests. For example, a teacher can gain administrator access via an NTLM hash. | ||||
Page 1 of 1.