CVE-2012-6426
Published Jan 1, 2013
Last updated 12 years ago
Overview
- Description
- LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED6058D6-728B-4D2B-9831-DB79B8638E02",
"versionEndIncluding": "1.2.2"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D5DE397-22D0-4DFC-8884-ED827206C03D"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.7:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF1264A0-364B-439D-BCB0-8FF2BE171C90"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "238F6C20-6F9B-4A0C-922C-08630D25A878"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CFA94B9-AF1D-45E6-9006-F6F3356570EE"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C8BE385-2C6F-4B94-9C02-EC7819A8F820"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEE5003B-9C4F-4DDE-8A10-436D69415943"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "528F1593-406A-4170-9D59-6A55638FC665"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "364F986D-011F-43F7-9170-DC5223816230"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACEACC11-E67E-45BF-98F3-D8D76B97B573"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.9.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACF2B52B-6ACC-44A6-BEDB-1B12DAE6B72F"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::0.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB76D1B0-F3DE-4F48-BFF9-6F73B43D4CBB"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "368C6300-8CD1-48E5-A334-D820B78C28C0"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E237CD3-C059-4F01-A4CC-0756465343DF"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BD61823-C2D8-495D-90A3-CB932FBF6AC5"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1247A28C-C3DE-4F11-8FB6-8D74CC5D967A"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C3068CC-3698-438C-B4CE-E5325621257A"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFB792BC-D101-4337-9850-369576BA4633"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CED00DFE-0004-4D64-A740-37507061413E"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "786D892E-575D-4525-A332-550D36055A99"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85EB1328-D97B-4670-9F75-48ABFFF354DD"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C365B18-C226-432C-BE2B-2DF750A85866"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "434705C1-C2FE-43F6-BB90-45BD0A57DFF6"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B47A073C-D194-46B2-BF53-26286A9592A8"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9EDCFAB-F8EA-4CF1-8A41-CD223239A0B7"
},
{
"criteria": "cpe:2.3:a:lemonldap-ng:lemonldap\\:\\::1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9C9784C-9CB6-4CC4-B25C-BB07E448E9FF"
}
],
"operator": "OR"
}
]
}
]