JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DSA-3902-1 | jabberd2 security update |
![]() |
EUVD-2017-2451 | JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T17:50:11.702Z
Reserved: 2017-07-04T00:00:00
Link: CVE-2017-10807

No data.

Status : Deferred
Published: 2017-07-04T15:29:00.187
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-10807


No data.