CVE-2014-9217
Graylog2 < 0.91.3 - LDAP Authentication Bypass via Crafted Wildcards
Title source: llmDescription
Graylog2 before 0.92 allows remote attackers to bypass LDAP authentication via crafted wildcards.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/99571
Exploit, Patch, Vendor Advisory x_refsource_confirm
http://www.graylog2.org/news/post/0010-graylog2-v0-92
Mailing List mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2014/q4/1130
Scores
EPSS
0.0230
EPSS Percentile
81.1%
Details
CWE
CWE-287
Status
published
Products (1)
torch_gmbh/graylog2
< 0.91.3
Published
Dec 08, 2014
Tracked Since
Feb 18, 2026