PT-2021-3367 · Unknown · Librit Passhport

Published: 2021-01-05 · Updated: 2022-05-03 · CVE-2021-3027

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions

LibrIT PaSSHport versions 2.5 and earlier

Description

The issue exists because special elements in LDAP requests are not neutralized, which allows LDAP injection. A remote attacker can exploit it to gain unauthorized access to protected information by sending specially crafted queries. Because user input is not sanitized, such queries escape the provided search filter and leak information.

Recommendations

For LibrIT PaSSHport versions 2.5 and earlier, consider disabling the LDAP functionality until a patch is available to prevent exploitation. Restrict access to the app/views mod/user/user.py module to minimize the risk of information leak. Avoid using unsanitized user input in LDAP queries until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
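
The recommendation to keep unsanitized input out of LDAP queries, shown as an added example (not PaSSHport code and not part of the original advisory). It contrasts plain string concatenation with RFC 4515 value escaping; the function names, the objectClass/uid filter shape and the login policy are assumptions made for illustration.

```python
import re

# RFC 4515 section 3: these characters must be written as \XX hex escapes
# when they appear inside an assertion value of a search filter.
_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}

# Assumed policy for this example: logins are short and use a narrow alphabet.
_LOGIN_RE = re.compile(r"[A-Za-z0-9._-]{1,64}")


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an LDAP filter assertion value."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def unsafe_user_filter(login: str) -> str:
    """The weak pattern: input is pasted into the filter unchanged."""
    return "(&(objectClass=person)(uid=" + login + "))"


def safe_user_filter(login: str) -> str:
    """Escape the value so it is always treated as data, never as filter syntax."""
    return "(&(objectClass=person)(uid=" + escape_filter_value(login) + "))"


def validated_user_filter(login: str) -> str:
    """Defence in depth: reject unexpected input, then escape anyway."""
    if not _LOGIN_RE.fullmatch(login):
        raise ValueError("login contains characters outside the allowed set")
    return safe_user_filter(login)


if __name__ == "__main__":
    # Constructed inputs: an ordinary login and two holding filter metacharacters.
    for sample in ("alice", "al*", "a)(b\\c"):
        print(repr(sample))
        print("  unsafe:", unsafe_user_filter(sample))
        print("  safe:  ", safe_user_filter(sample))
```

With the unescaped builder the wildcard and parentheses reach the directory server as filter syntax; with escaping they are matched as literal characters.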

RCE

Special Elements Injection


Weakness Enumeration

Related Identifiers

BDU:2021-03213
CVE-2021-3027

Affected Products

Librit Passhport