{"vulnerability": "CVE-2024-39848", "sightings": [{"uuid": "1a226ab8-8fad-4e1e-b18e-f02d8827f2f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39848", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8696", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-39848\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Internet2 Grouper before 5.6 allows authentication bypass when LDAP authentication is used in certain ways. This is related to internet2.middleware.grouper.ws.security.WsGrouperLdapAuthentication and the use of the UyY29r password for the M3vwHr account. This also affects \"Grouper for Web Services\" before 4.13.1.\n\ud83d\udccf Published: 2024-06-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T16:11:17.278Z\n\ud83d\udd17 References:\n1. https://spaces.at.internet2.edu/display/Grouper/Grouper+bug+-+GRP-5515+-+web+services+LDAP+authentication+security+vulnerability", "creation_timestamp": "2025-03-25T16:24:58.000000Z"}]}