Vulnerability Description
Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server (RCS) LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials.This issue affects OpenIDM and Java Remote Connector Server (RCS): from 1.5.20.9 through 1.5.20.13.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Forgerock | Ldap Connector | >= 1.5.20.9, < 1.5.20.14 |
Related Weaknesses (CWE)
References
- https://backstage.forgerock.com/downloads/browse/idm/all/productId:idm-connectorPermissions Required
- https://backstage.forgerock.com/knowledge/kb/article/a14149722MitigationVendor Advisory
- https://backstage.forgerock.com/downloads/browse/idm/all/productId:idm-connectorPermissions Required
- https://backstage.forgerock.com/knowledge/kb/article/a14149722MitigationVendor Advisory
FAQ
What is CVE-2023-1656?
CVE-2023-1656 is a vulnerability with a CVSS score of 7.5 (HIGH). Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server (RCS) LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stole...
How severe is CVE-2023-1656?
CVE-2023-1656 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1656?
Check the references section above for vendor advisories and patch information. Affected products include: Forgerock Ldap Connector.