Vulnerabilities > Packetfence

DATE CVE VULNERABILITY TITLE RISK
2018-02-01 CVE-2011-4069 LDAP Injection vulnerability in Packetfence
html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username.
network
low complexity
packetfence CWE-90
critical
 9.8
9.8
2018-02-01 CVE-2011-4068 Improper Authentication vulnerability in Packetfence
The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to bypass authentication via an empty password.
network
low complexity
packetfence CWE-287
critical
 9.8
9.8