VYPR
Medium severity4.9NVD Advisory· Published Apr 28, 2023· Updated Jun 17, 2026

CVE-2023-25495

CVE-2023-25495

Description

A valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenticate to an external LDAP server in certain configurations. There is no exposure where no LDAP client password is configured

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.