Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One (C-Werk) 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login.
Add your gear to cvedb and we'll alert you only when axxonsoft ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.