How severe is CVE-2022-43959?

CVE-2022-43959 has a CVSS v3 score of 4.9 (MEDIUM).

CVE-2022-43959

Name: bitrix24
Author: bitrix24

4.9MEDIUM

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the s

Veröffentlicht: 1/20/2023Aktualisiert: 4/2/2025

Beschreibung

Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.

KI-AnalyseKI-gestützt

Betroffene Produkte

bitrix24bitrix24

Referenzen

https://github.com/secware-ru/CVE-2022-43959
ExploitThird Party Advisory
https://www.bitrix24.com/prices/self-hosted.php
Vendor Advisory
https://www.bitrix24.com/security/
Vendor Advisory
https://github.com/secware-ru/CVE-2022-43959
ExploitThird Party Advisory
https://www.bitrix24.com/prices/self-hosted.php
Vendor Advisory
https://www.bitrix24.com/security/
Vendor Advisory