CVE-2024-34887

Published: 2024-11-04T18:15Z

Last Modified: 2024-11-06T19:28Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Insufficiently protected credentials in AD/LDAP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send AD/LDAP administrators account passwords to an arbitrary server via HTTP POST request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt