LDAP Configuration Modification Vulnerability in Perun

LDAP Configuration Modification Vulnerability in Perun

CVE-2020-5281 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP. Issue is fixed in version 3.9.1 by sanitisation of the input.

Learn more about our Web Application Penetration Testing UK.