CVE-2014-9043

CVE-2014-9043 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The user_ldap (aka LDAP user and group backend) application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to bypass authentication via a null byte in the password and a valid user name, which triggers an unauthenticated bind.

Learn more about our Cis Benchmark Audit For Bind.