An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3. 
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 11 Aug 2025 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Apache kerby Ldap Backend
CPEs cpe:2.3:a:apache:identity_backend:*:*:*:*:*:*:*:* cpe:2.3:a:apache:kerby_ldap_backend:*:*:*:*:*:*:*:*
Vendors & Products Apache identity Backend
Apache kerby Ldap Backend

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00166}

epss

{'score': 0.00127}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2024-08-02T11:25:19.226Z

Reserved: 2023-02-09T09:47:41.424Z

Link: CVE-2023-25613

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-02-20T16:15:10.677

Modified: 2025-08-11T14:24:58.983

Link: CVE-2023-25613

cve-icon Redhat

Severity : Important

Publid Date: 2023-02-20T00:00:00Z

Links: CVE-2023-25613 - Bugzilla

cve-icon OpenCVE Enrichment

No data.