Description
Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the application database) to decrypt the LDAP passwords of users who successfully authenticate to web management via LDAP.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25655 |
|
History
Wed, 28 Aug 2024 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-922 | |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-28T15:44:55.431Z
Reserved: 2024-02-09T00:00:00.000Z
Link: CVE-2024-25655
Updated: 2024-08-01T23:52:04.899Z
Status : Deferred
Published: 2024-03-18T20:15:08.917
Modified: 2026-06-17T07:16:22.490
Link: CVE-2024-25655
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-922
Insecure Storage of Sensitive Information