Graylog2 LDAP Authentication Bypass Vulnerability

Severity: Medium, Nessus Plugin ID 81259

Synopsis

The remote host is affected by an authentication bypass vulnerability.

Description

The version of Graylog2 on the remote host is affected by a vulnerability that allows remote attackers to bypass authentication by using crafted wildcards when the installation is configured to use LDAP authentication.

Solution

Upgrade Graylog2 to version 0.92 or higher.

See Also

https://www.graylog2.org/news/post/0010-graylog2-v0-92

Plugin Details

Severity: Medium

ID: 81259

File Name: graylog2_cve_2014_9217.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 2/10/2015

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.5

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2014-9217

Vulnerability Information

CPE: cpe:/a:torch_gmbh:graylog2

Required KB Items: installed_sw/Graylog2

Exploit Ease: No known exploits are available

Patch Publication Date: 12/1/2014

Vulnerability Publication Date: 12/1/2014

Reference Information

CVE: CVE-2014-9217

BID: 71827