VYPR

LDAP connector

by Forgerock

CVEs (2)

  • CVE-2022-0143Sep 19, 2022
    risk 0.00cvss epss 0.01

    When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management (IDM) and Remote Connector Server (RCS)

  • CVE-2020-15259Nov 6, 2020
    risk 0.00cvss epss 0.01

    ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. CSRF exploits may occur if the user visits a malicious page containing CSRF payload on the same machine…