← Back to CVE List

CVE-2024-45160

Published: 2024-10-09T05:15Z
Last Modified: 2024-10-10T12:51Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty client_password parameter (client secret). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt