Vulnerability Description
LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string.
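The two defensive checks the description points at, shown as an added illustration in hypothetical PHP that is not the project's own code: the submitted old password is accepted only if it is a non-empty PHP string, and only an exact `true` return from ldap_bind counts as a verified credential.

```php
<?php
// Added example, not code from the LDAP Tool Box project.
// Demonstrates the two hardening points implied by the CVE description:
// 1. constrain the PHP type of the submitted password to a string, and
// 2. treat anything other than an exact boolean true from ldap_bind as failure.

/**
 * Take a password value from a POST body and return it only if it is a
 * non-empty string. A non-string value must never reach ldap_bind, because
 * its return value in that case no longer means "credentials verified".
 */
function expect_string_param(array $post, string $key): ?string
{
    if (!array_key_exists($key, $post)) {
        return null;
    }
    $value = $post[$key];
    if (!is_string($value) || $value === '') {
        return null;
    }
    return $value;
}

/**
 * Bind as the user with the supplied old password.
 * Only a strict boolean true is success; false, null (for instance after a
 * parameter type error) or any other value is a failed verification.
 */
function verify_old_password($ldap, string $dn, string $oldPassword): bool
{
    $result = ldap_bind($ldap, $dn, $oldPassword);
    return $result === true;
}

// Usage sketch with hypothetical connection details:
// $ldap = ldap_connect('ldaps://ldap.example.internal');
// $old  = expect_string_param($_POST, 'oldpassword');
// if ($old === null || !verify_old_password($ldap, $userDn, $old)) {
//     // reject the request; do not proceed to the password modification
// }
```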
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ltb-Project | Ldap Tool Box Self Service Password | < 1.3 |
Related Weaknesses (CWE)
References
- https://github.com/ltb-project/self-service-password/issues/209 (Third Party Advisory)
- https://github.com/ltb-project/self-service-password/issues/211 (Third Party Advisory)
- https://lists.ltb-project.org/pipermail/ltb-announce/2018-June/000023.html (Mailing List, Patch, Vendor Advisory)
FAQ
What is CVE-2018-12421?
CVE-2018-12421 is a vulnerability with a CVSS score of 9.8 (CRITICAL). LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishand...
How severe is CVE-2018-12421?
CVE-2018-12421 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-12421?
Check the references section above for vendor advisories and patch information. Affected products include: Ltb-Project Ldap Tool Box Self Service Password.