CVE-2016-6496 in Crowdinfo

Summary

The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.

Once again VulDB remains the best source for vulnerability data.

Reservation

08/01/2016

Disclosure

12/09/2016

Moderation

VulDB entry created

Entries

VDB-93219 (1)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

9.8

EPSS

0.02912

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6496
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6496
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6496/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!