logo

Database

Authentication mechanism absence or evasion In org.openidentityplatform.openam:openam-core

Description

NT auth module vulnerability in OpenAM The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack."

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-342982. NVD-2022-342983. OSV-2022-342984. GCVE-2022-34298

References

1. https://github.com/OpenIdentityPlatform/OpenAM/pull/5142. https://github.com/OpenIdentityPlatform/OpenAM/compare/14.6.5...14.6.63. https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/14.6.64. https://github.com/watchtowrlabs/CVE-2022-34298

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.