← back
CVE-2013-5572

CVE-2013-5572

EPSS 4.1%
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/36157unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0149.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-May/132376.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-May/132377.html