CVE-2022-43959
4.9MEDIUMInsufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the s
게시됨: 1/20/2023업데이트됨: 4/2/2025
설명
Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.
AI 분석AI 기반
영향받는 제품
bitrix24bitrix24
참조
- https://github.com/secware-ru/CVE-2022-43959ExploitThird Party Advisory
- https://www.bitrix24.com/prices/self-hosted.phpVendor Advisory
- https://www.bitrix24.com/security/Vendor Advisory
- https://github.com/secware-ru/CVE-2022-43959ExploitThird Party Advisory
- https://www.bitrix24.com/prices/self-hosted.phpVendor Advisory
- https://www.bitrix24.com/security/Vendor Advisory