We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-12510

LDAP Authentication Sever Pass-back attack



Description

If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup.

Reserved 2024-12-11 | Published 2025-02-03 | Updated 2025-02-03 | Assigner Xerox


MEDIUM: 6.7CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

Problem types

CWE-287: Improper Authentication

Product status

Default status
unknown

Any version before 37.82.53
affected

Default status
unknown

Any version before 38.82.53
affected

Default status
unknown

Any version before 67.82.53
affected

Default status
unknown

Any version before 68.82.53
affected

Default status
unknown

Any version before 32.82.53
affected

Default status
unknown

Any version before 33.82.53
affected

Default status
unknown

Any version before 61.82.53
affected

Default status
unknown

Any version before 62.82.53
affected

Default status
unknown

Any version before 56.75.53
affected

Default status
unknown

Any version before 57.75.53
affected

Default status
unknown

Any version before 58.75.53
affected

Default status
unknown

Any version before 59.24.53
affected

Default status
unknown

Any version before 69.24.53
affected

Default status
unknown

Any version before 70.75.53
affected

Default status
unknown

Any version before 72.75.53
affected

Default status
unknown

Any version before 64.75.53
affected

Default status
unknown

Any version before 65.75.53
affected

References

securitydocs.business.xerox.com/...Phaser-and-WorkCentre.pdf

cve.org (CVE-2024-12510)

nvd.nist.gov (CVE-2024-12510)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-12510

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.