Authentication Bypass Vulnerability in Symfony
CVE-2016-2403 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
Learn more about our Cis Benchmark Audit For Bind.