LDAP Entry Poisoning Vulnerability in Groovy LDAP API
CVE-2016-6497 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods.
Learn more about our Cis Benchmark Audit For Apache Http Server.