Hello,
We have begun testing our site for update to Joomla 5.1.2. Our security team ran a Web Application Scan and reported this vulnerability.
I have verified that we do not have any LDAP plugins enabled.
Is there a remediation for this vulnerability?
Could this be a false positive since we do not have LDAP enabled?
Thanks in advance for any information you can provide!
DD
Login Bypass via LDAP Injection
CWE http://cwe.mitre.org/data/definitions/90.html
Details
Threat
LDAP injection enables an attacker to modify the syntax of an LDAP query in order to retrieve, corrupt or delete data from the LDAP database. This is accomplished by manipulating query criteria in a manner that affects the query's logic. The typical causes of this vulnerability are lack of input validation and insecure construction of the LDAP query.
Queries created by concatenating strings with LDAP syntax and user-supplied data are prone to this vulnerability. If any part of the string concatenation can be modified, the meaning of the query can be changed. The WAS scan checks if there was a successful login with injected queries.
Impact
The scope of an LDAP injection exploit varies greatly. If any LDAP statement can be injected into the query, the attacker has the equivalent access of an LDAP database administrator. This access could lead to theft of data, malicious corruption of data, or deletion of data.
Solution
LDAP injection vulnerabilities can be mitigated with input validation and enhanced LDAP security.
All input received from the web client should be validated for correct content. If a value's type or content range is known beforehand, then stricter filters should be applied. For example, an email address should be in a specific format and only contain characters that make it a valid address, or numeric fields like a U.S. zip code should be limited to five digit values.
LDAP injection exploits can be mitigated by the use of Access Control Lists or role-based access within the database. For example, a read-only account would prevent an attacker from modifying data, but would not prevent the attacker from viewing unauthorized data. Table and row-based access controls potentially minimize the scope of a compromise, but they do not prevent exploits.
Statistics: Posted by dudedowne — Mon Jul 29, 2024 3:08 pm
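The scanner text above describes the textbook pattern, a login filter built by string concatenation, and says the check fires when an injected query results in a successful login. The following Python is an added illustration (not Joomla code, not the scanner's code, and not a real LDAP server): it builds the filter the vulnerable way and the hardened way (RFC 4515 escaping of the assertion value), then evaluates both against a small constructed in-memory "directory" with a toy filter parser, so you can see exactly why a password of `*` logs in against the concatenated filter and fails against the escaped one. The `(&(uid=...)(userPassword=...))` filter, the sample entries and the helper names are all assumptions made for the example.

```python
"""Toy demonstration of login bypass via LDAP filter injection, and the fix.

Constructed example: the directory, the filter shape and the evaluator are
stand-ins for a real LDAP server, chosen to show the injection mechanics.
"""
import re

# Constructed sample entries (assumption: plaintext userPassword for the demo only).
DIRECTORY = [
    {"uid": "admin", "userPassword": "s3cret!", "cn": "Site Admin"},
    {"uid": "editor", "userPassword": "hunter2", "cn": "Editor"},
]

# RFC 4515 section 3: characters that must be hex-escaped in an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape user input so it can only ever be a literal assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def login_filter_vulnerable(username: str, password: str) -> str:
    # Raw concatenation: the pattern the scanner report describes.
    return f"(&(uid={username})(userPassword={password}))"


def login_filter_hardened(username: str, password: str) -> str:
    # Same filter, but every user-supplied character is escaped first.
    return f"(&(uid={escape_filter_value(username)})(userPassword={escape_filter_value(password)}))"


def _value_to_regex(value: str) -> str:
    """An unescaped '*' is a wildcard; '\\xx' hex escapes become literal chars."""
    out, i = [], 0
    while i < len(value):
        ch = value[i]
        if ch == "\\" and i + 2 < len(value):
            out.append(re.escape(chr(int(value[i + 1:i + 3], 16))))
            i += 3
        elif ch == "*":
            out.append(".*")
            i += 1
        else:
            out.append(re.escape(ch))
            i += 1
    return "".join(out)


def parse_filter(text: str):
    """Parse an RFC 4515 filter into a tree; rejects trailing data like a strict server."""
    node, end = _parse(text, 0)
    if end != len(text):
        raise ValueError(f"trailing data after filter: {text[end:]!r}")
    return node


def _parse(s: str, i: int):
    if i >= len(s) or s[i] != "(":
        raise ValueError("expected '('")
    i += 1
    if i < len(s) and s[i] in "&|!":
        op, i, kids = s[i], i + 1, []
        while i < len(s) and s[i] == "(":
            kid, i = _parse(s, i)
            kids.append(kid)
        if i >= len(s) or s[i] != ")":
            raise ValueError("unterminated compound filter")
        return (op, kids), i + 1
    j = s.find(")", i)  # a raw ')' ends the item; an escaped one is '\29'
    if j < 0:
        raise ValueError("unterminated filter item")
    attr, sep, val = s[i:j].partition("=")
    if not sep:
        raise ValueError("filter item without '='")
    return ("=", attr, val), j + 1


def matches(node, entry: dict) -> bool:
    op = node[0]
    if op == "&":
        return all(matches(k, entry) for k in node[1])
    if op == "|":
        return any(matches(k, entry) for k in node[1])
    if op == "!":
        return not matches(node[1][0], entry)
    _, attr, val = node
    actual = entry.get(attr)
    return actual is not None and re.fullmatch(_value_to_regex(val), actual) is not None


def authenticate(build_filter, username: str, password: str):
    """Return the uid of the first directory entry the login filter matches, else None."""
    node = parse_filter(build_filter(username, password))
    for entry in DIRECTORY:
        if matches(node, entry):
            return entry["uid"]
    return None


if __name__ == "__main__":
    for label, build in (("vulnerable", login_filter_vulnerable), ("hardened", login_filter_hardened)):
        print(label, "normal login:", authenticate(build, "admin", "s3cret!"))
        print(label, "password '*':", authenticate(build, "admin", "*"), build("admin", "*"))
        print(label, "uid '*':     ", authenticate(build, "*", "*"))
```

Against the concatenated filter, a password of `*` turns the equality assertion into a presence test, so `(&(uid=admin)(userPassword=*))` matches the admin entry without knowing the password; with escaping it becomes `(userPassword=\2a)`, which only matches a literal asterisk. This is the behaviour a scanner is looking for when it reports "successful login with injected queries": it submits payloads like these to the login form and treats a response that looks like a logged-in session as a hit, so what the finding really says is that the login endpoint responded as if authentication succeeded, regardless of whether an LDAP directory is behind it. Comparing the response to a known-bad password against the response to the scanner's payload is the quickest way to confirm or rule that out.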