← Back

CVE-2010-1596

nvd nist
Published: Apr 28, 2010Modified: Apr 29, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.

Affected (21)

Sitracker
1 product
Support Incident Tracker
Configuration A
21 vulnerable
Vulnerable SoftwareAffected Versions
Sitracker
Support Incident Tracker
Up to 3.50
Support Incident Tracker
Version 3.21
Support Incident Tracker
Version 3.22
Support Incident Tracker
Version 3.22pl1
Support Incident Tracker
Version 3.23
Support Incident Tracker
Version 3.24
Support Incident Tracker
Version 3.24 beta-2
Support Incident Tracker
Version 3.30
Support Incident Tracker
Version 3.30 beta2
Support Incident Tracker
Version 3.31
Support Incident Tracker
Version 3.32
Support Incident Tracker
Version 3.33
Support Incident Tracker
Version 3.35
Support Incident Tracker
Version 3.35 beta1
Support Incident Tracker
Version 3.36
Support Incident Tracker
Version 3.40
Support Incident Tracker
Version 3.40 beta1
Support Incident Tracker
Version 3.41
Support Incident Tracker
Version 3.45
Support Incident Tracker
Version 3.45 beta1
Support Incident Tracker
Version 3.50 beta1

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (14)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.