Description

OneDev is a development operations platform. If the LDAP external authentication mechanism is enabled in OneDev versions 4.4.1 and prior, an attacker can manipulate a user search filter to send forged queries to the application and explore the LDAP tree using Blind LDAP Injection techniques. The specific payload depends on how the User Search Filter property is configured in OneDev. This issue was fixed in version 4.4.2.

Related CPE's

a

onedev_project

onedev

Vulnerable

References

https://github.com/theonedev/onedev/commit/4440f0c57e440488d7e653417b2547eaae8ad19c

PatchThird Party Advisory

https://github.com/theonedev/onedev/security/advisories/GHSA-5864-2496-4xjf

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-90

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-01T18:15:07.747

4 years ago

Last modified

2021-06-16T14:28:20.197

4 years ago