New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Java] CWE-522: Insecure LDAP authentication #218

Closed

1 task done

luchua-bc opened this issue Dec 21, 2020 · 7 comments

Closed

1 task done

[Java] CWE-522: Insecure LDAP authentication #218

luchua-bc opened this issue Dec 21, 2020 · 7 comments

Labels

luchua-bc commented Dec 21, 2020 •

edited

CVE ID(s)

List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database.

Report

Describe the vulnerability. Provide any information you think will help GitHub assess the impact your query has on the open source community.

When using the Java LDAP API to perform LDAPv3-style extended operations and controls like user profile retrieval, a context with connection properties including user credentials is started. Transmission of LDAP credentials in cleartext allows remote attackers to obtain sensitive information by sniffing the network.

This query detects transmission of cleartext credentials in LDAP authentication, which meets the following two criteria:

Use the protocol "ldap" instead of "ldaps"
Use "simple" authentication instead of SASL authentication with encrypted/hashed credentials

Relevant PR: #4854

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). We would love to have you spread the word about the good work you are doing

Result(s)

Provide at least one useful result found by your query, on some revision of a real project.

0code0/JAVA

luchua-bc added the All For One label

Collaborator

ghsecuritylab commented Jan 4, 2021

Your submission is now in status SecLab review.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

Collaborator

ghsecuritylab commented Jan 19, 2021

Your submission is now in status CodeQL review.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

Collaborator

ghsecuritylab commented Feb 4, 2021

Your submission is now in status SecLab finalize.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

Collaborator

ghsecuritylab commented Feb 4, 2021

Your submission is now in status Pay.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

Contributor

xcorail commented Feb 4, 2021

Created Hackerone report 1095708 for bounty 275741 : [218] [Java] CWE-522: Insecure LDAP authentication

xcorail closed this as completed

Collaborator

ghsecuritylab commented Feb 4, 2021

Your submission is now in status Closed.

For information, the evaluation workflow is the following:
CodeQL initial assessment > SecLab review > CodeQL review > SecLab finalize > Pay > Closed

Author

luchua-bc commented Feb 4, 2021

Thanks @xcorail for the quick turn-around and the bounty:-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment