CVE-2020-9495 org.apache.archiva:archiva

Package

Manager: maven
Name: org.apache.archiva:archiva
Vulnerable Version: >=0 <2.2.5

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.27485 (percentile 0.96246)

Details

Injection in Apache Archiva: the Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. An attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects.
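As an added illustration that is not part of the advisory or of Archiva's own code, the following Python contrasts the unsafe pattern the description implies (untrusted login input concatenated into the LDAP user-lookup filter) with a version that escapes filter metacharacters as RFC 4515 requires; the attribute names, the filter shape and the sample username are assumptions.

```python
# Added example, not Archiva code. Escaping table from RFC 4515 section 3:
# the characters that carry meaning inside an LDAP filter assertion value.
LDAP_FILTER_ESCAPES = {
    "\\": "\\5c",
    "*": "\\2a",
    "(": "\\28",
    ")": "\\29",
    "\x00": "\\00",
}


def escape_ldap_filter_value(value: str) -> str:
    """Replace each filter metacharacter with its \\XX hex escape."""
    return "".join(LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_login_filter_unsafe(username: str) -> str:
    """Vulnerable pattern: raw concatenation lets the input reshape the filter.
    (objectClass/uid are assumed attribute names.)"""
    return f"(&(objectClass=inetOrgPerson)(uid={username}))"


def build_login_filter(username: str) -> str:
    """Hardened pattern: the username can only ever match literally."""
    return f"(&(objectClass=inetOrgPerson)(uid={escape_ldap_filter_value(username)}))"


def count_assertions(filter_str: str) -> int:
    """Cheap structural check: count '(' in the built filter. The template opens
    exactly three; escaped parentheses appear as \\28 and are not counted, so a
    higher number means the input changed the filter's structure."""
    return filter_str.count("(")


if __name__ == "__main__":
    # Constructed sample containing filter metacharacters.
    sample = "*)(cn=*"
    print(build_login_filter_unsafe(sample), count_assertions(build_login_filter_unsafe(sample)))
    print(build_login_filter(sample), count_assertions(build_login_filter(sample)))
```

Comparing the two assertion counts for the same input is a quick regression test to add wherever a filter is assembled from request data.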

Metadata

Created: 2022-02-10T23:06:22Z
Modified: 2021-05-11T22:24:26Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-v83p-xwm9-v4g8/GHSA-v83p-xwm9-v4g8.json
CWE IDs: ["CWE-74"]
Alternative ID: GHSA-v83p-xwm9-v4g8
Finding: F184
Auto approve: 1