Vulnerability Details : CVE-2019-15941
The OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relying Party (RP) in the LemonLDAP::NG configuration with weaker access control rules than the target RP, and no filtering of redirection URIs. The underlying defect, tracked as issue #1881 in the references below, is that OIDC authorization codes are not tied to the RP that requested them; the issue is addressed in LemonLDAP::NG 2.0.6.
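The bypass described above, as an added example that is not part of this page or of LemonLDAP::NG: a small Python model of an OIDC issuer serving two Relying Parties, with the two controls the CVE depends on (binding the authorization code to the requesting client_id, and validating redirect_uri against the RP's registered URIs) exposed as switches. The RP names, callback URLs, client secrets and user records are constructed for the example and are assumptions, not values from the advisory.

```python
"""Model of the OIDC authorization-code flow behind CVE-2019-15941.

Added, hypothetical example; not LemonLDAP::NG code. Two RPs share one
issuer: "wiki" (any authenticated user) and "admin" (members of "admins"
only). All names, URLs, secrets and users below are constructed.
"""
import secrets
from urllib.parse import parse_qs, urlsplit

# Constructed RP registrations: secret, allowed callbacks, per-RP access rule.
RPS = {
    "wiki": {
        "secret": "wiki-secret",
        "redirect_uris": ["https://wiki.example/cb"],
        "rule": lambda user: True,
    },
    "admin": {
        "secret": "admin-secret",
        "redirect_uris": ["https://admin.example/cb"],
        "rule": lambda user: "admins" in user["groups"],
    },
}


class AuthzError(Exception):
    """Raised when the issuer refuses a request."""


class Issuer:
    """OIDC provider; bind_code_to_rp=False, check_redirect_uri=False models
    the vulnerable preconditions, either switch alone blocks the bypass."""

    def __init__(self, bind_code_to_rp, check_redirect_uri):
        self.bind_code_to_rp = bind_code_to_rp
        self.check_redirect_uri = check_redirect_uri
        self.codes = {}  # code -> {"sub", "client_id", "redirect_uri"}

    def authorize(self, user, client_id, redirect_uri):
        """Authorization endpoint: evaluates the rule of the *requesting* RP,
        then redirects the browser to redirect_uri with a one-time code."""
        rp = RPS.get(client_id)
        if rp is None:
            raise AuthzError("unknown client_id")
        if self.check_redirect_uri and redirect_uri not in rp["redirect_uris"]:
            raise AuthzError("redirect_uri not registered for this RP")
        if not rp["rule"](user):
            raise AuthzError("access denied by RP rule")
        code = secrets.token_urlsafe(16)
        self.codes[code] = {"sub": user["uid"], "client_id": client_id,
                            "redirect_uri": redirect_uri}
        return f"{redirect_uri}?code={code}"

    def token(self, code, client_id, client_secret, redirect_uri):
        """Token endpoint: an RP redeems a code with its own credentials."""
        rp = RPS.get(client_id)
        if rp is None or client_secret != rp["secret"]:
            raise AuthzError("invalid client credentials")
        grant = self.codes.pop(code, None)  # single use
        if grant is None:
            raise AuthzError("invalid or already used code")
        if self.bind_code_to_rp and grant["client_id"] != client_id:
            raise AuthzError("code was issued to a different RP")
        if self.bind_code_to_rp and grant["redirect_uri"] != redirect_uri:
            raise AuthzError("redirect_uri differs from authorization request")
        # Stand-in for a signed ID token: only the claims that matter here.
        return {"sub": grant["sub"], "aud": client_id}


def run_attack(issuer):
    """A user allowed into 'wiki' but not 'admin' crafts one authorization
    request: wiki's client_id with admin's callback as redirect_uri. Returns
    the ID token admin would accept, or None if the issuer refused."""
    mallory = {"uid": "mallory", "groups": ["staff"]}
    try:
        location = issuer.authorize(mallory, client_id="wiki",
                                    redirect_uri="https://admin.example/cb")
        # The browser follows the redirect; admin's callback receives the
        # code and redeems it exactly as it would for a genuine login.
        code = parse_qs(urlsplit(location).query)["code"][0]
        return issuer.token(code, "admin", "admin-secret",
                            "https://admin.example/cb")
    except AuthzError:
        return None


def legitimate_login(issuer):
    """A real admin logging into admin still works with both controls on."""
    alice = {"uid": "alice", "groups": ["admins"]}
    location = issuer.authorize(alice, "admin", "https://admin.example/cb")
    code = parse_qs(urlsplit(location).query)["code"][0]
    return issuer.token(code, "admin", "admin-secret", "https://admin.example/cb")
```

With both switches off, the issuer only ever evaluates wiki's weak rule, and admin redeems the resulting code as its own, so a user who is denied by admin's rule is logged into admin anyway. Binding the code to the client_id that requested it (the fix for issue #1881) or filtering redirection URIs (the configuration-side precondition named in the description) is enough to break this path; a deployment should have both, since redirect URI validation is also what keeps codes from leaking to attacker-controlled hosts in the first place.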
Products affected by CVE-2019-15941
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:lemonldap-ng:lemonldap\:\:ng:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-15941
- EPSS score: 0.55% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~65% (proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2019-15941
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P (CVSS 2.0) | 10.0 | 6.4 | NIST |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
CWE ids for CVE-2019-15941
- The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2019-15941
- https://www.debian.org/security/2019/dsa-4533 (Debian Security Information: DSA-4533-1 lemonldap-ng; Third Party Advisory)
- https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1881 ([Security:high] oidc authorization codes are not tied to their RP (#1881), LemonLDAP NG GitLab issue; Third Party Advisory)
- https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-0-6-is-out/ (OW2: LemonLDAP::NG 2.0.6 is out!; Third Party Advisory)
- https://seclists.org/bugtraq/2019/Sep/46 (Bugtraq: [SECURITY] [DSA 4533-1] lemonldap-ng security update; Mailing List, Third Party Advisory)