cvedb.io
CVE-2022-31088
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2022-06-27T21:15:08.397 · Last modified 2026-06-17T04:44:46.293

Summary

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0.

Affected products

ldap-account-manager — ldap_account_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when ldap-account-manager ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.