Vulnerability Details : CVE-2021-32651
OneDev is a development operations platform. If the LDAP external authentication mechanism is enabled in OneDev versions 4.4.1 and prior, an attacker can manipulate a user search filter to send forged queries to the application and explore the LDAP tree using Blind LDAP Injection techniques. The specific payload depends on how the User Search Filter property is configured in OneDev. This issue was fixed in version 4.4.2.
Products affected by CVE-2021-32651
- cpe:2.3:a:onedev_project:onedev:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-32651
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-32651
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST | |
4.3
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.8
|
1.4
|
NIST | |
3.1
|
LOW | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
1.6
|
1.4
|
GitHub, Inc. |
CWE ids for CVE-2021-32651
-
The product constructs all or part of an LDAP query using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended LDAP query when it is sent to a downstream component.Assigned by: security-advisories@github.com (Primary)
References for CVE-2021-32651
-
https://github.com/theonedev/onedev/security/advisories/GHSA-5864-2496-4xjf
LDAP injection via OneDev may leak some LDAP directory information · Advisory · theonedev/onedev · GitHubExploit;Third Party Advisory
-
https://github.com/theonedev/onedev/commit/4440f0c57e440488d7e653417b2547eaae8ad19c
Fix issue #304 - Potential information leak via Ldap injection when ldap · theonedev/onedev@4440f0c · GitHubPatch;Third Party Advisory
Jump to