Apache Karaf before 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache karaf |