CVE-2024-52946 – LemonLDAP::NG Improper Authentication Privilege Escalation

11月 18, 2024
7:16 am

CVE ID : CVE-2024-52946

Published : Nov. 18, 2024, 6:15 a.m. | 1 hour, 1 minute ago

Description : An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an “Adaptative authentication rule” with an increment instead of an absolute value.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-52946 – LemonLDAP::NG Improper Authentication Privilege Escalation

Elvescore.io

Recent Posts

CVE-2024-12960 – Apache MCA 1.0 SQL Injection Vulnerability

CVE-2024-12961 – Apache MCA Portfolio Management System SQL Injection Vulnerability

CVE-2024-12908 – Delinea Secret Server Regular Expression Injection Vulnerability

CVE-2024-12958 – RPost MCA SQL Injection Vulnerability

CVE-2024-12959 – “Fortress MCA SQL Injection”

CVE-2024-51540 – Dell ECS Arithmetic Overflow Vulnerability (Path Traversal)

CVE-2024-52946 – LemonLDAP::NG Improper Authentication Privilege Escalation

CVE-2024-52946 – LemonLDAP::NG Improper Authentication Privilege Escalation