Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Cherokee Improper Authentication Vulnerability - CVE-2014-4668 - Vulnerability Database
Cherokee

Cherokee Improper Authentication Vulnerability - CVE-2014-4668

Medium
Reference: CVE-2014-4668
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-4668
Title: Cherokee Improper Authentication Vulnerability
Overview:

The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier when LDAP is used does not properly consider unauthenticated-bind semantics which allows remote attackers to bypass authentication via an empty password.