CVE-2022-43959
- Reference to the description:
- Description:
- Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.
- Last updated date:
- 08/08/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/28/2022
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/02/2023
- Reference url to background