| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.unboundid:unboundid-ldapsdk | maven | >= 1.1.0, < 4.0.5 | 4.0.5 |

The patch shows that the check for an empty password was incorrectly placed after the synchronous mode check in the `process` function of the `SimpleBindRequest` class. Moving this check before the synchronous mode check fixes the vulnerability, which indicates that `process` is the vulnerable function.
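
The check ordering described above, as a simplified model. This is an added example, not the SDK's source: the class, the method names and signatures, and the sample DN are all hypothetical, and the empty-password check is reduced to a plain emptiness test.

```java
// Simplified model of the check ordering described in the advisory.
// All names are hypothetical; this is not the UnboundID LDAP SDK source.
public class BindCheckOrder {

    // Client-side guard: refuse to send a bind that carries no password.
    static void rejectEmptyPassword(String password) {
        if (password == null || password.isEmpty()) {
            throw new IllegalArgumentException("empty password rejected client-side");
        }
    }

    // Stand-in for putting the bind request on the wire.
    static String send(String path, String dn) {
        return path + " bind sent for " + dn;
    }

    // Before the patch: the synchronous branch returns first, so the
    // guard below is only reached in asynchronous mode.
    static String processBefore(boolean synchronousMode, String dn, String password) {
        if (synchronousMode) {
            return send("sync", dn);
        }
        rejectEmptyPassword(password);
        return send("async", dn);
    }

    // After the patch: the guard runs before the mode check, covering both paths.
    static String processAfter(boolean synchronousMode, String dn, String password) {
        rejectEmptyPassword(password);
        return synchronousMode ? send("sync", dn) : send("async", dn);
    }

    public static void main(String[] args) {
        String dn = "uid=jdoe,dc=example,dc=com"; // constructed sample value
        for (boolean sync : new boolean[] {false, true}) {
            for (boolean patched : new boolean[] {false, true}) {
                String outcome;
                try {
                    outcome = patched ? processAfter(sync, dn, "")
                                      : processBefore(sync, dn, "");
                } catch (IllegalArgumentException e) {
                    outcome = e.getMessage();
                }
                System.out.printf("sync=%b patched=%b -> %s%n", sync, patched, outcome);
            }
        }
    }
}
```

Of the four combinations, only the unpatched synchronous path sends the empty-password bind; the other three reject it before anything is sent.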