Critical severity9.1NVD Advisory· Published Jun 29, 2024· Updated Apr 15, 2026
CVE-2024-39848
CVE-2024-39848
Description
Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects "Grouper for Web Services" before 4.13.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <4.13.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.