CVE-2023-33254 in Deployment and Remote Site Appliance情報

要約

〜によって MITRE • 2023年05月22日

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an attacker-controlled LDAP server, clicks the Test Settings button, and captures the cleartext credentials.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

予約する

2023年05月21日

モデレーション

承諾済み

エントリ

VDB-229618

EPSS

0.03211

アクティビティ

非常低い

ソース

Want to know what is going to be exploited?

We predict KEV entries!