CVE-2019-15941 - Incorrect Authorization vulnerability in multiple products

CVSS 9.8 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH
Tags: network, low complexity, lemonldap-ng, debian, CWE-863, critical, nessus

Summary

The OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relying Party (RP) in the LemonLDAP configuration with weaker access control rules than the target RP, and no filtering on redirection URIs.

Vulnerable Configurations

Part        | Description   | Count
------------|---------------|------
Application | Lemonldap-Ng  | 6
OS          | Debian        | 1

Common Weakness Enumeration (CWE)

CWE-863: Incorrect Authorization
Nessus

NASL family: Debian Local Security Checks
NASL id: DEBIAN_DSA-4533.NASL
Description: It was discovered that the Lemonldap::NG web SSO system did not restrict OIDC authorization codes to the relying party.
Last seen: 2020-06-01
Modified: 2020-06-02
Plugin id: 129365
Published: 2019-09-26
Reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Source: https://www.tenable.com/plugins/nessus/129365
Title: Debian DSA-4533-1 : lemonldap-ng - security update