Symfony prior to 2.8.6 and 3.x prior to 3.0.6 allows remote malicious users to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sensiolabs symfony 2.8.1 |
||
sensiolabs symfony 2.8.2 |
||
sensiolabs symfony 2.8.3 |
||
sensiolabs symfony 3.0.4 |
||
sensiolabs symfony 3.0.5 |
||
sensiolabs symfony 2.8.4 |
||
sensiolabs symfony 2.8.5 |
||
sensiolabs symfony 3.0.0 |
||
sensiolabs symfony 3.0.1 |
||
sensiolabs symfony 2.8.0 |
||
sensiolabs symfony 3.0.2 |
||
sensiolabs symfony 3.0.3 |