1. Home
  2. CVE Database
  3. CVE-2015-10027
MEDIUM · 5.5

CVE-2015-10027

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulatio...

Vulnerability Description

A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulation leads to ldap injection. Upgrading to version 2.0b1 is able to address this issue. The patch is identified as a7f7a5a82d9202a5c40d606a5c519ba61b224eb8. It is recommended to upgrade the affected component. VDB-217622 is the identifier assigned to this vulnerability.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
Ttrrs-Auth-Ldap ProjectTtrrs-Auth-Ldap0.5

Related Weaknesses (CWE)

CWE-74CWE-90

References

FAQ

What is CVE-2015-10027?

CVE-2015-10027 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability, which was classified as problematic, has been found in hydrian TTRSS-Auth-LDAP. Affected by this issue is some unknown functionality of the component Username Handler. The manipulatio...

How severe is CVE-2015-10027?

CVE-2015-10027 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-10027?

Check the references section above for vendor advisories and patch information. Affected products include: Ttrrs-Auth-Ldap Project Ttrrs-Auth-Ldap.