Unauthorized Connection Processing Vulnerability in Wekan before 4.87

Unauthorized Connection Processing Vulnerability in Wekan before 4.87

CVE-2021-3309 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,

Learn more about our Cis Benchmark Audit For Server Software.