CVE-2024-52946
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-52946
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52946.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-52946
- Related
- Published
- 2024-11-18T06:15:06Z
- Modified
- 2025-01-11T13:55:45.949616Z
- Summary
- [none]
- Details
-
An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value.
- References
Affected packages
Debian:11 / lemonldap-ng
Package
- Name
- lemonldap-ng
- Purl
- pkg:deb/debian/lemonldap-ng?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.0.11+ds-4+deb11u6
Debian:12 / lemonldap-ng
Package
- Name
- lemonldap-ng
- Purl
- pkg:deb/debian/lemonldap-ng?arch=source
Debian:13 / lemonldap-ng
Package
- Name
- lemonldap-ng
- Purl
- pkg:deb/debian/lemonldap-ng?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.20.1+ds-1
Affected versions
2.*
2.16.1+ds-2
2.16.1+ds-deb12u1
2.16.1+ds-deb12u2
2.16.1+ds-deb12u3
2.16.1+ds-deb12u4
2.16.2+ds-1
2.17.0+ds-1~bpo12+1
2.17.0+ds-1
2.17.0+ds2-1~bpo11+1
2.17.0+ds2-1
2.17.1+ds-1
2.17.2+ds-1
2.17.2+ds-2~bpo11+1
2.17.2+ds-2~bpo12+1
2.17.2+ds-2
2.18.1+ds-1~bpo10+1
2.18.1+ds-1~bpo11+1
2.18.1+ds-1~bpo12+1
2.18.1+ds-1
2.18.2+ds-1~bpo10+1
2.18.2+ds-1~bpo11+1
2.18.2+ds-1~bpo12+1
2.18.2+ds-1
2.19.0+ds-1
2.19.0+ds-2~bpo11+1
2.19.0+ds-2~bpo12+1
2.19.0+ds-2
2.19.1+ds-1
2.19.1+ds-2
2.19.1+ds-3~bpo12+1
2.19.1+ds-3
2.19.1+ds-4
2.19.2+ds-1~bpo11+1
2.19.2+ds-1~bpo12+1
2.19.2+ds-1
2.20.0+ds-1
2.20.0+ds-2~bpo12+1
2.20.0+ds-2
2.20.1+ds-1~bpo12+1