CVE-2016-6500 in OpenIDMinformação

Sumário

de MITRE

Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allow remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

01/08/2016

Divulgação

03/02/2017

Moderação

aceite

Entrada

VDB-96546

CPE

pronto

CWE

CWE-20 (confirmado)

CVSS

8.1 (NVD)

EPSS

0.01888

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6500
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6500
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6500/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!