Authentication Bypass Vulnerability in Open Directory on Apple Mac OS X 10.7

Authentication Bypass Vulnerability in Open Directory on Apple Mac OS X 10.7

CVE-2011-3226 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Open Directory in Apple Mac OS X 10.7 before 10.7.2, when an LDAPv3 server is used with RFC 2307 or custom mappings, allows remote attackers to bypass the password requirement by leveraging lack of an AuthenticationAuthority attribute for a user account.

Learn more about our Cis Benchmark Audit For Server Software.