CVE-2018-11407
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE: this issue exists because of an incomplete fix for CVE-2016-2403.
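The bypass described above rests on LDAP's "unauthenticated bind" (RFC 4513, section 5.1.2): a simple bind that carries a DN but an empty password is not an authentication at all, and many servers answer it with success as if it were anonymous, so an application that trusts bind success alone lets a valid username with a null or empty password through. The following Python model is an added example, not Symfony's code; `ModelDirectory` is a constructed stand-in for such a server, and `vulnerable_check` / `hardened_check` are hypothetical names for the pre-fix pattern and the guard that must run before any bind is attempted.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class BindResult:
    success: bool        # server returned resultCode success
    authenticated: bool  # a password was actually verified for the DN
    reason: str


class ModelDirectory:
    """Constructed stand-in for an LDAP server's simple-bind handling (RFC 4513 s5.1).
    Many real servers accept an unauthenticated bind (DN plus empty password) as if it
    were anonymous; that behaviour is what the bypass above relies on."""

    def __init__(self, users: Dict[str, str], allow_unauthenticated_bind: bool = True):
        self.users = users
        self.allow_unauthenticated_bind = allow_unauthenticated_bind

    def simple_bind(self, dn: str, password: str) -> BindResult:
        if dn == "" and password == "":
            return BindResult(True, False, "anonymous bind")
        if password == "":
            if self.allow_unauthenticated_bind:
                return BindResult(True, False, "unauthenticated bind treated as anonymous")
            return BindResult(False, False, "unwillingToPerform")
        if self.users.get(dn) == password:
            return BindResult(True, True, "authenticated")
        return BindResult(False, False, "invalidCredentials")


def vulnerable_check(directory: ModelDirectory, dn: str, password: Optional[str]) -> bool:
    """Pre-fix pattern: a null password is coerced to '' and bind success alone is trusted."""
    return directory.simple_bind(dn, password or "").success


def hardened_check(directory: ModelDirectory, dn: str, password: Optional[str]) -> bool:
    """Reject null and empty passwords before any bind is attempted, then require that
    the server actually verified a credential rather than merely returning success."""
    if password is None or password == "":
        return False
    return directory.simple_bind(dn, password).authenticated


if __name__ == "__main__":
    d = ModelDirectory({"uid=alice,dc=example,dc=org": "s3cret"})  # constructed sample user
    for pw in (None, "", "s3cret"):
        print(repr(pw), vulnerable_check(d, "uid=alice,dc=example,dc=org", pw),
              hardened_check(d, "uid=alice,dc=example,dc=org", pw))
```

Configuring the directory to refuse unauthenticated binds (the `allow_unauthenticated_bind=False` branch) is a second, server-side layer; the application-side check is still required because the server setting is outside the application's control.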
Predictions
Exploit likelihood
30%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2018-11407
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 3.4.12+dfsg-1 |
| debian | bullseye | fixed | 3.4.12+dfsg-1 |
| debian | forky | fixed | 3.4.12+dfsg-1 |
| debian | sid | fixed | 3.4.12+dfsg-1 |
| debian | trixie | fixed | 3.4.12+dfsg-1 |
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | symfony/security-core | >=2.8.0,<2.8.37 | 2.8.37 |
| Packagist | symfony/security-core | >=3.0.0,<3.3.17 | 3.3.17 |
| Packagist | symfony/security-core | >=3.4.0,<3.4.7 | 3.4.7 |
| Packagist | symfony/security-core | >=4.0.0,<4.0.7 | 4.0.7 |
| Packagist | symfony/security | >=2.8.0,<2.8.37 | 2.8.37 |
| Packagist | symfony/security | >=3.0.0,<3.3.17 | 3.3.17 |
| Packagist | symfony/security | >=3.4.0,<3.4.7 | 3.4.7 |
| Packagist | symfony/security | >=4.0.0,<4.0.7 | 4.0.7 |
| Packagist | symfony/symfony | >=2.8.0,<2.8.37 | 2.8.37 |
| Packagist | symfony/symfony | >=3.0.0,<3.3.17 | 3.3.17 |
| Packagist | symfony/symfony | >=3.4.0,<3.4.7 | 3.4.7 |
| Packagist | symfony/symfony | >=4.0.0,<4.0.7 | 4.0.7 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2018-11407
- https://github.com/symfony/symfony/pull/27377
- https://github.com/symfony/symfony/commit/b46fc93785d37ffa5d706a82cd175b33ce8f2934
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security-core/CVE-2018-11407.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/security/CVE-2018-11407.yaml
- https://github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2018-11407.yaml
- https://github.com/symfony/symfony
- https://symfony.com/blog/cve-2018-11407-unauthorized-access-on-a-misconfigured-ldap-server-when-using-an-empty-password
- https://symfony.com/cve-2018-11407
- https://security-tracker.debian.org/tracker/CVE-2018-11407