While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue affects Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions.
2021-07-26T07:15:07.183
2024-11-21T06:09:44.737
Modified
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | apache | directory_studio | ≤ 1.5.3 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |
| Application | apache | directory_studio | 2.0.0 | Yes |