packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,
References
Link | Resource |
---|---|
https://github.com/wekan/wekan/issues/3482 | Exploit Issue Tracking Third Party Advisory |
https://github.com/wekan/wekan/pull/3483/commits/31f89121fecca5a761b05cc3a26d4f237e90b484 | Patch Third Party Advisory |
https://github.com/wekan/wekan/releases/tag/v4.87 | Release Notes Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-26T20:13:54
Updated: 2021-01-26T20:13:54
Reserved: 2021-01-26T00:00:00
Link: CVE-2021-3309
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-26T21:15:13.063
Modified: 2021-02-02T15:20:35.127
Link: CVE-2021-3309
JSON object: View
Redhat Information
No data.
CWE