LDAP Injection Vulnerability in Apache Karaf
CVE-2016-8750 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:N/A:P
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
Learn more about our User Device Pen Test.