製品・ソフトウェアに関する情報

Vulnerability Search

ベンダー検索

Product/Service Search

JVN Vulnerability Search Top

->

JVN脆弱性詳細

UnboundID LDAP SDK におけるアクセス制御に関する脆弱性

Title	UnboundID LDAP SDK におけるアクセス制御に関する脆弱性
Summary	UnboundID LDAP SDK には、アクセス制御に関する脆弱性が存在します。
Possible impacts	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	March 19, 2018, midnight
Registration Date	May 15, 2018, 5:21 p.m.
Last Update	May 15, 2018, 5:21 p.m.

CVSS3.0 : 緊急
Score	9.8
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2.0 : 危険
Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected System

Ping Identity

UnboundID LDAP SDK for Java

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2018-1000134	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000134
National Vulnerability Database (NVD)
2	CVE-2018-1000134	https://nvd.nist.gov/vuln/detail/CVE-2018-1000134

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-284	https://cwe.mitre.org/data/definitions/284.html

ベンダー情報

No	Name	URL
GitHub
1	processSync in SimpleBindRequest allows empty password with set bindDN #40	https://github.com/pingidentity/ldapsdk/issues/40
2	UnboundID LDAP SDK for Java 4.0.5	https://github.com/pingidentity/ldapsdk/releases

Change Log

No	Changed Details	Date of change
1	[2018年05月15日] 掲載	May 15, 2018, 5:21 p.m.

NVD Vulnerability Information

CVE-2018-1000134

Summary	UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. commit with applied fix https://github.com/pingidentity/ldapsdk/commit/8471904a02438c03965d21367890276bc25fa5a6#diff-f6cb23b459be1ec17df1da33760087fd that can result in Ability to impersonate any valid user. This attack appear to be exploitable via Providing valid username and empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed in after commit 8471904a02438c03965d21367890276bc25fa5a6.
Publication Date	March 16, 2018, 11:29 p.m.
Registration Date	March 1, 2021, 6:39 p.m.
Last Update	Nov. 21, 2024, 12:39 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:pingidentity:ldapsdk::::::java::*		1.1.0	4.0.5

Related information, measures and tools

No	URL	refsource	タグ
1	http://www.securityfocus.com/bid/103458		Third Party Advisory VDB Entry
2	http://www.securityfocus.com/bid/103458		Third Party Advisory VDB Entry
3	https://access.redhat.com/errata/RHSA-2018:1713
4	https://access.redhat.com/errata/RHSA-2018:1713
5	https://github.com/pingidentity/ldapsdk/issues/40		Third Party Advisory
6	https://github.com/pingidentity/ldapsdk/issues/40		Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-521	脆弱なパスワードポリシー	https://cwe.mitre.org/data/definitions/521.html