Unrated severityNVD Advisory· Published Mar 25, 2020· Updated Aug 4, 2024

LDAP connector injection in Perun

CVE-2020-5281

Description

In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP. Issue is fixed in version 3.9.1 by sanitisation of the input.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Cesnet/perunllm-create2 versions
<3.9.1+ 1 more
- (no CPE)range: <3.9.1
- (no CPE)range: < 3.9.1

Patches

Vulnerability mechanics

References

github.com/CESNET/perun/commit/ac527bc3225a64208ee5cee59e5918ee360ca039mitrex_refsource_MISC
github.com/CESNET/perun/pull/2635mitrex_refsource_MISC
github.com/CESNET/perun/security/advisories/GHSA-gj88-9q3f-72m3mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000