Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server (RCS) LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials.This issue affects OpenIDM and Java Remote Connector Server (RCS): from 1.5.20.9 through 1.5.20.13.
References
| Link | Resource |
|---|---|
| https://backstage.forgerock.com/downloads/browse/idm/all/productId:idm-connectors/subProductId:ldap/minorVersion:1.5/version:1.5.20.14 | Permissions Required |
| https://backstage.forgerock.com/knowledge/kb/article/a14149722 | Mitigation Vendor Advisory |
Configurations
History
07 Nov 2023, 04:04
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server (RCS) LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials.This issue affects OpenIDM and Java Remote Connector Server (RCS): from 1.5.20.9 through 1.5.20.13. |
06 Apr 2023, 17:33
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://backstage.forgerock.com/knowledge/kb/article/a14149722 - Mitigation, Vendor Advisory | |
| References | (MISC) https://backstage.forgerock.com/downloads/browse/idm/all/productId:idm-connectors/subProductId:ldap/minorVersion:1.5/version:1.5.20.14 - Permissions Required | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CWE | CWE-319 | |
| CPE | cpe:2.3:a:forgerock:ldap_connector:*:*:*:*:*:*:*:* | |
| First Time |
Forgerock ldap Connector
Forgerock |
29 Mar 2023, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-03-29 20:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-1656
Mitre link : CVE-2023-1656
CVE.ORG link : CVE-2023-1656
JSON object : View
Products Affected
forgerock
- ldap_connector
CWE
CWE-319
Cleartext Transmission of Sensitive Information