CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0143 – LDAP Connector: When startTLS is used then LDAP connector ignores the wrong password
https://notcve.org/view.php?id=CVE-2022-0143
When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management (IDM) and Remote Connector Server (RCS) Cuando el conector LDAP es iniciado con StartTLS configurado, es concedido acceso no autenticado. Este problema afecta a: todas las versiones del conector LDAP anteriores a 1.5.20.9. El conector LDAP es incluido con Identity Management (IDM) y Remote Connector Server (RCS) • https://backstage.forgerock.com/downloads/browse/idm/featured/connectors https://backstage.forgerock.com/knowledge/kb/article/a11380515 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •