Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-0097 | 7.5 |
The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.
|
20-04-2022 - 00:15 | 25-05-2017 - 17:29 |