Exploit for #VU26577 LDAP injection in Apache Druid
Vulnerability identifier: #VU26577
Vulnerability risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-90
Exploitation vector: Network
Exploits in database: 1
- June 3, 2020
- CVE-2020-1958 (CVE-2020-1958 PoC) [Github]
Impact: Information disclosure and data manipulation
Vulnerable software:
Apache Druid
Server applications /
Database software
Vendor: Apache Foundation
