ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in Zitadel's LDAP identity provider implementation, which fails to properly escape user-provided usernames before incorporating them into LDAP search filters. This allows unauthenticated attackers to perform LDAP Filter Injection during the login process. While this vulnerability does not allow for a full authentication bypass, an attacker can use LDAP metacharacters (such as *, (, )) to perform blind LDAP injection. By observing the different failure (or success) responses, an attacker can systematically enumerate valid usernames and extract sensitive attribute data from the connected LDAP directory. This vulnerability is fixed in 3.4.10 and 4.15.0.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NZitadel
APPZitadel2.71.11 – 3.4.10 (bez)4.0.0 – 4.15.0 (bez)
Powiązane podatności
XSS w Zitadel Login V2 — możliwe przejęcie konta przez /saml-post
SSRF bez uwierzytelnienia w ZITADEL — odczyt wewnętrznych zasobów sieciowych
IDOR w Zitadel Admin API umożliwia modyfikację wrażliwych ustawień
ZITADEL is an open source identity management platform. From 2.68.0 to before 3.4.8 and 4.12.2, Zitadel provid...
ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a vulnerability in Zitadel'...