Ruby · Ldap Fluff · CVE-2012-5604
**Name of the Vulnerable Software and Affected Versions**
ldap fluff gem for Ruby (affected versions not specified)
Red Hat CloudForms version 1.1
**Description**
The issue allows remote attackers to bypass authentication via unspecified vectors when using Active Directory for authentication.
**Recommendations**
For Red Hat CloudForms version 1.1, consider disabling the use of Active Directory for authentication until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.